www.heraldlive.co.za Open in urlscan Pro
2a00:1450:4001:800::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://weekendpost.co.za/
Effective URL:
https://www.heraldlive.co.za/weekend-post/your-weekend/
Submission: On July 23 via automatic, source certstream-suspicious (July 23rd 2024, 9:43:26 am UTC) — Scanned from GB

Summary HTTP 137 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 41 IPs in 10 countries across 32 domains to perform 137 HTTP transactions. The main IP is 2a00:1450:4001:800::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.heraldlive.co.za.
TLS certificate: Issued by WR3 on May 29th 2024. Valid for: 3 months.

This is the only time www.heraldlive.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:7e00:e00... 2a01:7e00:e000:3f7::	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
33	2a00:1450:400... 2a00:1450:4001:800::2013	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	172.67.212.172 172.67.212.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:205... 2600:9000:2057:ea00:17:2922:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:d51... 2a02:6ea0:d513::4	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	172.67.181.105 172.67.181.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	172.67.136.238 172.67.136.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
3 3	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	52.58.190.236 52.58.190.236	16509 (AMAZON-02) (AMAZON-02)
14	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.217.140.248 54.217.140.248	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2607:ae80:192... 2607:ae80:192:1::176	26558 (FREEWHEEL) (FREEWHEEL)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 3	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1 2	184.30.210.6 184.30.210.6	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
4	212.36.83.216 212.36.83.216	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1	13.58.45.4 13.58.45.4	16509 (AMAZON-02) (AMAZON-02)
1	41.76.214.250 41.76.214.250	37611 (Afrihost) (Afrihost)
1	3.73.24.37 3.73.24.37	16509 (AMAZON-02) (AMAZON-02)
1	18.203.16.123 18.203.16.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:3600:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
8	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.212.85.244 52.212.85.244	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.206 198.47.127.206	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4	185.64.189.221 185.64.189.221	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	35.81.64.53 35.81.64.53	16509 (AMAZON-02) (AMAZON-02)
4	35.171.96.17 35.171.96.17	14618 (AMAZON-AES) (AMAZON-AES)
137	41

1 2a01:7e00:e000:3f7:: (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

weekendpost.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.heraldlive.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.212.172 (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trackerapi.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ea00:17:2922:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:d513::4 (Milan, Italy)

ASN60068 (CDN77 _, GB)

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nethcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.181.105 (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.136.238 (United States)

ASN13335 (CLOUDFLARENET, US)

a11ybar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.149.91 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.190.236 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-190-236.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 212.36.83.245 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.140.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-140-248.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:192:1::176 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.132.202.70 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

korfo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
powered-by-revidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.210.6 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-210-6.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.36.83.216 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: w4.vdmy.dtic.es

ad.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.45.4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-45-4.us-east-2.compute.amazonaws.com

leo.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.76.214.250 (South Africa)

ASN37611 (Afrihost, ZA)
PTR: tla.dedicated.co.za

banner.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.24.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-24-37.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.16.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-16-123.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3600:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.85.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-85-244.eu-west-1.compute.amazonaws.com

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.206 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.81.64.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-64-53.us-west-2.compute.amazonaws.com

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.171.96.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-96-17.compute-1.amazonaws.com

vid-io-iad.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	heraldlive.co.za www.heraldlive.co.za	1 MB
20	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 39943 vpaid.vidoomy.com — Cisco Umbrella Rank: 4951 a.vidoomy.com — Cisco Umbrella Rank: 4471 ad.vidoomy.com — Cisco Umbrella Rank: 37364	120 KB
14	pubmatic.com vpaid.pubmatic.com — Cisco Umbrella Rank: 8925 ads.pubmatic.com — Cisco Umbrella Rank: 855 vid.pubmatic.com — Cisco Umbrella Rank: 12012 st.pubmatic.com — Cisco Umbrella Rank: 1589	92 KB
9	springserve.com vid.springserve.com — Cisco Umbrella Rank: 13128 vpaid.springserve.com — Cisco Umbrella Rank: 47845 vid-io-dub.springserve.com — Cisco Umbrella Rank: 28197 vid-io-sin.springserve.com Failed vid-io-cle.springserve.com — Cisco Umbrella Rank: 35673 vid-io-iad.springserve.com — Cisco Umbrella Rank: 10797	94 KB
9	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	828 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 region1.analytics.google.com — Cisco Umbrella Rank: 3773	127 KB
5	gstatic.com fonts.gstatic.com	278 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	160 KB
4	vic-m.co static.vic-m.co — Cisco Umbrella Rank: 669229 leo.vic-m.co banner.vic-m.co — Cisco Umbrella Rank: 911268 ad.vic-m.co Failed	26 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	178 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 499	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	286 KB
3	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 8438 trackerapi.ebxcdn.com — Cisco Umbrella Rank: 18475	4 KB
2	aliexpress.com 1 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 21293 best.aliexpress.com — Cisco Umbrella Rank: 50485	2 KB
2	korfo.org 1 redirects korfo.org — Cisco Umbrella Rank: 127346	485 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 969	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1261	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 1117	1 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 7861	869 B
2	a11ybar.com a11ybar.com — Cisco Umbrella Rank: 120047	1 KB
2	weatherwidget.io weatherwidget.io — Cisco Umbrella Rank: 46333	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	8 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	powered-by-revidy.com 1 redirects powered-by-revidy.com — Cisco Umbrella Rank: 143950	349 B
1	nethcdn.com 1 redirects nethcdn.com — Cisco Umbrella Rank: 132986	510 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 11717	408 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	5 KB
1	effectivemeasure.net t.effectivemeasure.net	608 B
1	weekendpost.co.za 1 redirects weekendpost.co.za	587 B
137	32

	Domain	Requested by
33	www.heraldlive.co.za	www.heraldlive.co.za
14	a.vidoomy.com	www.heraldlive.co.za vpaid.vidoomy.com
9	lh3.googleusercontent.com	www.heraldlive.co.za
5	fonts.gstatic.com	fonts.googleapis.com www.heraldlive.co.za
4	vid-io-iad.springserve.com	www.heraldlive.co.za
4	st.pubmatic.com	www.heraldlive.co.za
4	ads.pubmatic.com	vpaid.pubmatic.com
4	vpaid.pubmatic.com	vpaid.springserve.com www.heraldlive.co.za
4	ad.vidoomy.com	vpaid.vidoomy.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net vpaid.vidoomy.com
4	connect.facebook.net	www.heraldlive.co.za connect.facebook.net
3	x.bidswitch.net	3 redirects
3	www.googletagmanager.com	www.heraldlive.co.za www.googletagmanager.com
3	securepubads.g.doubleclick.net	www.heraldlive.co.za securepubads.g.doubleclick.net vpaid.vidoomy.com
2	vid-io-cle.springserve.com	www.heraldlive.co.za
2	vid.pubmatic.com	vpaid.pubmatic.com
2	region1.google-analytics.com	www.googletagmanager.com vpaid.vidoomy.com
2	korfo.org	1 redirects a11ybar.com
2	www.facebook.com	www.heraldlive.co.za
2	ads.stickyadstv.com	1 redirects www.heraldlive.co.za
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	www.google-analytics.com	static.vic-m.co www.google-analytics.com
2	a11ybar.com	t.effectivemeasure.net a11ybar.com
2	weatherwidget.io	www.heraldlive.co.za weatherwidget.io
2	fonts.googleapis.com	www.heraldlive.co.za
2	static.vic-m.co	www.heraldlive.co.za
2	applets.ebxcdn.com	www.heraldlive.co.za applets.ebxcdn.com
1	vid-io-dub.springserve.com	vpaid.springserve.com
1	vpaid.springserve.com	vpaid.vidoomy.com
1	vid.springserve.com	vpaid.vidoomy.com
1	optimized-by.rubiconproject.com	vpaid.vidoomy.com
1	banner.vic-m.co	static.vic-m.co
1	leo.vic-m.co	static.vic-m.co
1	www.google.de	www.heraldlive.co.za
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	vpaid.vidoomy.com
1	best.aliexpress.com	a11ybar.com
1	s.click.aliexpress.com	1 redirects
1	powered-by-revidy.com	1 redirects
1	nethcdn.com	1 redirects
1	pixel.rubiconproject.com	www.heraldlive.co.za
1	sonata-notifications.taptapnetworks.com	1 redirects
1	vpaid.vidoomy.com	ads.vidoomy.com
1	cdnjs.cloudflare.com	static.vic-m.co
1	trackerapi.ebxcdn.com	www.heraldlive.co.za
1	t.effectivemeasure.net	www.heraldlive.co.za
1	ads.vidoomy.com	www.heraldlive.co.za
1	weekendpost.co.za	1 redirects
0	ad.vic-m.co Failed	static.vic-m.co
0	vid-io-sin.springserve.com Failed	www.heraldlive.co.za
137	52

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.timeslive.co.za
www.sowetanlive.co.za
www.businesslive.co.za
www.dispatchlive.co.za
www.wantedonline.co.za
www.sahomeowner.co.za
businessmediamags.co.za
arenaevents.africa
forecast7.com
www.careersarena.co.za

Subject Issuer	Validity	Valid
www.heraldlive.co.za WR3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
ebxcdn.com WE1	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.vic-m.co Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
effectivemeasure.net WE1	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-01` - `2024-07-30`	3 months	crt.sh
weatherwidget.io E1	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
a11ybar.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-09` - `2025-02-08`	a year	crt.sh
korfo.org R10	`2024-07-08` - `2024-10-06`	3 months	crt.sh
ru.aliexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-17` - `2024-10-23`	5 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
leo.vic-m.co ZeroSSL RSA Domain Secure Site CA	`2024-06-20` - `2024-09-18`	3 months	crt.sh
banner.vic-m.co R10	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.springserve.com Amazon RSA 2048 M01	`2023-08-02` - `2024-08-30`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.heraldlive.co.za/weekend-post/your-weekend/
Frame ID: 8A13D4AE7482869573BA1F38031095B3
Requests: 129 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: 20803A323D7FEB4C994CDD5C206D2EFD
Requests: 1 HTTP requests in this frame

Frame: https://korfo.org/vu/a/
Frame ID: BF6EF1AE0063F3C53A7EE5B17C30AB54
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&terminal_id=58ebfd2c14aa4369ad5b4b5c3dac870e
Frame ID: 1A9C5E0242EF998E66824AABA1C406C2
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_e12af736.js
Frame ID: F598172A45D3857F440D5F74E179F13D
Requests: 14 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,
Frame ID: C040D7540814270777FA0C6871CCD865
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0AEF957D175BD1D2EEBF0540F7957B3A
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4
Frame ID: 8E61ADE32BE7F9E67C338755BA0A02E8
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 12511FCD9510ACA949B2AAD10058A632
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your Weekend | The Weekend Post

Page URL History Show full URLs

https://weekendpost.co.za/ HTTP 301
https://www.heraldlive.co.za/weekend-post/your-weekend/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

137
Requests

95 %
HTTPS

37 %
IPv6

32
Domains

52
Subdomains

41
IPs

10
Countries

3310 kB
Transfer

8142 kB
Size

49
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HeraldLIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/HeraldNMB

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heraldlive

Search URL Search Domain Scan URL

URL: https://www.timeslive.co.za/

Search URL Search Domain Scan URL

URL: https://www.timeslive.co.za/sunday-times/

Search URL Search Domain Scan URL

URL: https://www.sowetanlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/bd/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/fm/

Search URL Search Domain Scan URL

URL: https://www.businesslive.co.za/bt/

Search URL Search Domain Scan URL

URL: https://www.dispatchlive.co.za/

Search URL Search Domain Scan URL

URL: https://www.wantedonline.co.za/

Search URL Search Domain Scan URL

URL: https://www.sahomeowner.co.za/

Search URL Search Domain Scan URL

URL: https://businessmediamags.co.za/

Search URL Search Domain Scan URL

URL: https://arenaevents.africa/

Search URL Search Domain Scan URL

URL: https://forecast7.com/en/n33d7125d52/port-elizabeth/
Title: PORT ELIZABETH WEATHER

Search URL Search Domain Scan URL

URL: https://www.careersarena.co.za/
Title: Careers and Tenders

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://weekendpost.co.za/ HTTP 301
https://www.heraldlive.co.za/weekend-post/your-weekend/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=7015c456-b5ed-4c76-a897-c3c98a40d6f5&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_05146a5e-7985-43c6-8da5-e8bd6681a41d&bsw_param=7015c456-b5ed-4c76-a897-c3c98a40d6f5&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7015c456-b5ed-4c76-a897-c3c98a40d6f5

Request Chain 87

https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553

Request Chain 94

https://nethcdn.com/stat HTTP 302
https://korfo.org/vu/a/

Request Chain 95

https://powered-by-revidy.com/a HTTP 302
https://korfo.org/to2/aliexpress.com/ HTTP 307
https://s.click.aliexpress.com/deep_link.htm?aff_short_key=_ePNSNV&dl_target_url=https%3A%2F%2Fbest.aliexpress.com&dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843 HTTP 302
https://best.aliexpress.com/?dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&terminal_id=58ebfd2c14aa4369ad5b4b5c3dac870e

Request Chain 110

https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=907d13bf63a24fcddc99924af7474e1&_fw_gdpr=0&_fw_gdpr_consent=

137 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heraldlive.co.za/weekend-post/your-weekend/
Redirect Chain

https://weekendpost.co.za/
https://www.heraldlive.co.za/weekend-post/your-weekend/

152 KB
32 KB

1636ms
705ms

Document
text/html

2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0affb790b92cd4a6688c8f5e9c09778c2ebb6cc9fc75f375d32655cd57e3ea92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 32162
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 09:43:12 GMT
expires: Tue, 23 Jul 2024 09:43:12 GMT
server: Google Frontend
vary: Accept-Encoding
x-cloud-trace-context: ab6b2ff970dc34e1c5207e04ec72f5a2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 23 Jul 2024 09:43:10 GMT
location: https://www.heraldlive.co.za/weekend-post/your-weekend/
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 345ms
127ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3aa72da4fe5441833ebe1811d16086b8414a85c0f0cae2d476cfe56e556fe4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31965
x-xss-protection: 0
server: cafe
etag: 762 / 19927 / m202407180101 / config-hash: 18245854391771438746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Jul 2024 09:43:12 GMT

GET
H3 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
985 B 229ms
63ms Script
application/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:12 GMT
content-encoding: br
x-amzn-remapped-content-length: 464
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 822
x-amzn-requestid: ca94d189-313a-43b1-a16b-cab501600eba
x-amz-apigw-id: bW-vHEbtDoEEYZA=
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed Aug 30 13:25:09 GMT 2023
server: cloudflare
x-amzn-trace-id: Root=1-669f77fa-6a0e123d1660efdc563be9eb;Parent=40d7e1cf00f319da;Sampled=0;lineage=7936cbcf:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbFajRcBJS%2B2UwJ%2B8zXmwYnBMlTHuuqQHdu77BYMygssIm5YW7OdI5UgkS4nWawOPIZbsVapuT503zdF44n%2FLO4HtNhT2rigcQCZZSM2OrcowicCoxoBmGkoJuwXInAyRAUUf2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 8a7ab9907e98bea2-LHR

GET
H2 200 vicinity-head-tag-v1.js Show response
static.vic-m.co/ads/ 76 KB
20 KB 541ms
73ms Script
application/javascript 2600:9000:2057:ea00:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8547fc320165d65ae0dada71ff77ff63b506246a8dd6f0efb2c48499417f946

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:32:02 GMT
content-encoding: gzip
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sun, 21 Jul 2024 11:31:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 79872
x-amz-server-side-encryption: AES256
etag: W/"7c35aa81a78a19265a6a2d9f8b3770e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Aw6PIigbQHkX-4__-Fy7dbrF3rwUTWAecnVueqjKyrQp5AjGoLGyYQ==

GET
H2 200 heraldlive_21134.js Show response
ads.vidoomy.com/ 3 KB
2 KB 1235ms
68ms Script
application/javascript 2a02:6ea0:d513::4
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/heraldlive_21134.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d513::4 Milan, Italy, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: /
Resource Hash: 946c3a0676dc1f21d5888daad96e7dcde07d6ef1805d20f2bd5502b90de7d93f

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 08:47:34 GMT
content-encoding: gzip
tp-cache: hit
age: 3339
vary: , Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1516

GET
H2 200 priority.92b9cc77e7a0e8332818.bundle.js Show response
www.heraldlive.co.za/build/chunks/ 2 KB
1 KB 148ms
144ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/priority.92b9cc77e7a0e8332818.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0251ce74695f112a9d5492b1d3516cfdcb7f6b1ebbef6f464abd461a5c56bebf

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:02:51 GMT
content-encoding: gzip
server: Google Frontend
age: 9621
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 05788b256814df882dd8328bd69a1a7d
cache-control: public, max-age=31536000
content-length: 1080
expires: Wed, 23 Jul 2025 07:02:51 GMT

GET
H2 200 priority.92b9cc77e7a0e8332818.bundle.css
www.heraldlive.co.za/build/chunks/ 366 B
318 B 96ms
92ms Stylesheet
text/css 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/priority.92b9cc77e7a0e8332818.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 15:37:21 GMT
content-encoding: gzip
server: Google Frontend
age: 65151
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 65bb028afa91963f945e8edf3ccaddb9
cache-control: public, max-age=31536000
content-length: 198
expires: Tue, 22 Jul 2025 15:37:21 GMT

GET
H2 200 entry.ca1dc543d6783a276ab2.bundle.css
www.heraldlive.co.za/build/chunks/ 108 KB
24 KB 95ms
91ms Stylesheet
text/css 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5431547b23171a3b3c52a2174174766613986f509de90ab235c81f808bec92f8

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:31:19 GMT
content-encoding: gzip
server: Google Frontend
age: 36713
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: e3f06ab5fd42230631b861e3f186611f;o=1
cache-control: public, max-age=31536000
content-length: 24806
expires: Tue, 22 Jul 2025 23:31:19 GMT

GET
H2 200 section.4cba9860520a06be48bf.bundle.css
www.heraldlive.co.za/build/chunks/pages/ 131 KB
21 KB 228ms
225ms Stylesheet
text/css 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/pages/section.4cba9860520a06be48bf.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 75aecc451658f90995fea2265231e24e1a810b0c3fc051b41cfb92f07fe8623f

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:12 GMT
content-encoding: gzip
server: Google Frontend
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: f9b097aee514522240c42cb8d1d2bce8;o=1
cache-control: public, max-age=31536000
expires: Wed, 23 Jul 2025 09:43:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 302ms
91ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c516f64fea4cde2ccc60f3196b6d883b732a6d170871079bd59107f33e66504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jul 2024 09:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 09:43:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jul 2024 09:43:12 GMT

GET
H2 200 all-the-news-popup-4.gif
www.heraldlive.co.za/publication/shared/static/banners/ 93 KB
94 KB 146ms
145ms Image
image/gif 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/shared/static/banners/all-the-news-popup-4.gif
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 77eb92fcd855f6f906e743793156766c1c2e34dbe235b256e1a338df2fc20784

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 08:49:10 GMT
server: Google Frontend
age: 3242
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/gif
x-cloud-trace-context: af98a947f04f4fae78e9a47d3727211a
cache-control: public, max-age=86400
content-length: 95669
expires: Wed, 24 Jul 2024 08:49:10 GMT

GET
H2 200 arena.png
www.heraldlive.co.za/static/icons/ 33 KB
33 KB 92ms
92ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/arena.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 09c1718f98f43e0d4991844650eefac1459a39b3817fa8e09960425e0e3055ae

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:50:55 GMT
server: Google Frontend
age: 6737
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: c623daa02d8228a52658375caf1d5269
cache-control: public, max-age=86400
content-length: 33449
expires: Wed, 24 Jul 2024 07:50:55 GMT

GET
H2 200 times-live.png
www.heraldlive.co.za/static/icons/ 14 KB
14 KB 66ms
65ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/times-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6e1fa095b32380cfc9012d96ac2284c414e1b69800f6449e11bb626955c07e3e

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:48:26 GMT
server: Google Frontend
age: 35686
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 9fb78da64d6aab8b8053447e2341972e
cache-control: public, max-age=86400
content-length: 13958
expires: Tue, 23 Jul 2024 23:48:26 GMT

GET
H2 200 sunday-times.png
www.heraldlive.co.za/static/icons/ 24 KB
24 KB 77ms
77ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/sunday-times.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b453b6018cfeddfee67cd3ab2776a134adfd94ac4424daffa84c0c1abf7b5260

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 08:39:27 GMT
server: Google Frontend
age: 3825
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: fe3dec68422ccabfd1e8d776243a376b
cache-control: public, max-age=86400
content-length: 24558
expires: Wed, 24 Jul 2024 08:39:27 GMT

GET
H2 200 sowetan-live.png
www.heraldlive.co.za/static/icons/ 37 KB
37 KB 100ms
99ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/sowetan-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6b6e5522e848eb470dc2648937f28971b5e29c0e566a7c6535a64573c609573d

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
server: Google Frontend
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: f307cf205bc1d854bf1668e04c395346
cache-control: public, max-age=86400
expires: Wed, 24 Jul 2024 09:43:13 GMT

GET
H2 200 business-live.png
www.heraldlive.co.za/static/icons/ 13 KB
14 KB 332ms
329ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0dcab0765de8b009361f988cd6784591a5e2c4b4445db4403d30596f3f6e632c

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:39:06 GMT
server: Google Frontend
age: 247
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: fd02974d44480637ca22f5930b41059b
cache-control: public, max-age=86400
content-length: 13696
expires: Wed, 24 Jul 2024 09:39:06 GMT

GET
H2 200 business-day.png
www.heraldlive.co.za/static/icons/ 28 KB
28 KB 328ms
328ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-day.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5b5c6e60a261a3d0238081763b2b4231df7e43eec6c66aaa26c3c60751f317bd

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 21:51:15 GMT
server: Google Frontend
age: 42718
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: eb89d002da76c192f033075f422e66bb;o=1
cache-control: public, max-age=86400
content-length: 28725
expires: Tue, 23 Jul 2024 21:51:15 GMT

GET
H2 200 financial-mail.png
www.heraldlive.co.za/static/icons/ 11 KB
11 KB 329ms
329ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/financial-mail.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cfe033fc215b52a0b6786b131136351189311622962539948bbff8302da8a21e

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 05:47:00 GMT
server: Google Frontend
age: 14173
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: dc1413a84ccc6d85d1816f0b7c9cc68a
cache-control: public, max-age=86400
content-length: 11606
expires: Wed, 24 Jul 2024 05:47:00 GMT

GET
H2 200 business-times.png
www.heraldlive.co.za/static/icons/ 23 KB
23 KB 328ms
328ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-times.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 06b3b1cf2707a488df2615229eaa8492aea59d069a5f59efdc4a5466951f872b

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:17:16 GMT
server: Google Frontend
age: 37557
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 00c58f7ae3f02edd8f5a7b6e1ade8bab
cache-control: public, max-age=86400
content-length: 23831
expires: Tue, 23 Jul 2024 23:17:16 GMT

GET
H2 200 herald-live.png
www.heraldlive.co.za/static/icons/ 21 KB
21 KB 329ms
328ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/herald-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c2691e637c13ff272bf70ccd8c1179a695ee478bf87e7ec2ff5adbdccf263af9

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 09:43:32 GMT
server: Google Frontend
age: 86381
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 792d93d247b500d842b8fcca4e672498
cache-control: public, max-age=86400
content-length: 21399
expires: Tue, 23 Jul 2024 09:43:32 GMT

GET
H2 200 dispatch-live.png
www.heraldlive.co.za/static/icons/ 15 KB
15 KB 326ms
9ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/dispatch-live.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9345403cb61c38daf44f314ee25f2f62370b2c360fd7b9b9c5ad24eba2293a19

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 03:42:29 GMT
server: Google Frontend
age: 21644
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: f635d2084a7410582226c0900be25822;o=1
cache-control: public, max-age=86400
content-length: 15708
expires: Wed, 24 Jul 2024 03:42:29 GMT

GET
H2 200 wanted.png
www.heraldlive.co.za/static/icons/ 45 KB
45 KB 332ms
21ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/wanted.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3010192f9bb5fe1da34421599bf624e8c31dbb089efbf02f30e65aa445f920d5

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:20:44 GMT
server: Google Frontend
age: 8549
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: c0bbb90901bf364fa4a80cbe435c9ec1
cache-control: public, max-age=86400
content-length: 45984
expires: Wed, 24 Jul 2024 07:20:44 GMT

GET
H2 200 sa-home-owner.png
www.heraldlive.co.za/static/icons/ 28 KB
28 KB 319ms
16ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/sa-home-owner.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8b8d5614a35711901db89c7f421d9822b6d9885ee1836fd6ceec2cad3a6af254

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:01:50 GMT
server: Google Frontend
age: 38483
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: ca89b7bebf469b924534f6c819b1c35f
cache-control: public, max-age=86400
content-length: 28727
expires: Tue, 23 Jul 2024 23:01:50 GMT

GET
H2 200 business-media-mags.png
www.heraldlive.co.za/static/icons/ 27 KB
27 KB 316ms
14ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/business-media-mags.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7b4bf3f11858ab9b179c27c5c503f5e9696a155fa8a822aff952ac039f702cf1

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 08:54:11 GMT
server: Google Frontend
age: 2942
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: e28165b8ae94a1e5cb949bf4507430a5
cache-control: public, max-age=86400
content-length: 27350
expires: Wed, 24 Jul 2024 08:54:11 GMT

GET
H2 200 arena-events.png
www.heraldlive.co.za/static/icons/ 21 KB
21 KB 333ms
32ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/static/icons/arena-events.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3055e41635b42441d8ab1d8ae4d93b8eae5e0e0cfe6b1e1e5b062452e55bbe6

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:19:37 GMT
server: Google Frontend
age: 1416
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 70c93c980b15776ddef3a6d49e3a9858
cache-control: public, max-age=86400
content-length: 21494
expires: Wed, 24 Jul 2024 09:19:37 GMT

GET
H2 200 TheWeekendPostLogo.png
www.heraldlive.co.za/publication/custom/static/logos/ 27 KB
27 KB 425ms
124ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/TheWeekendPostLogo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
server: Google Frontend
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 8ed142df6dc33e5a89f4f34c2eb550b0
cache-control: public, max-age=86400
expires: Wed, 24 Jul 2024 09:43:13 GMT

GET
H2 200 vicinity-v13.js Show response
static.vic-m.co/ads/ 18 KB
6 KB 516ms
73ms Script
application/javascript 2600:9000:2057:ea00:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-v13.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ea00:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ebd4167f95a059d52b0b64b69ec1348baf783010f6523be548121398b4ada21

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 11:32:04 GMT
content-encoding: gzip
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 14:44:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 79870
etag: W/"976804446480c78f557db2ec50f46673"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oWHvBnpcQsZiwuUy_HWNJql7oIcUkPlNyZ-Xe2jxkDrNGXCYmTZqUg==

GET
H2 200 all-the-news-cta-4.gif
www.heraldlive.co.za/publication/shared/static/banners/ 64 KB
64 KB 331ms
30ms Image
image/gif 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/shared/static/banners/all-the-news-cta-4.gif
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7f2d6d418976835f180256b4d0a745cf9ae4b116ce1d841f3d615f6dcd4db6e5

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 08:36:29 GMT
server: Google Frontend
age: 4004
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/gif
x-cloud-trace-context: bc2aea1d5161e262cf1a30908dffa283
cache-control: public, max-age=86400
content-length: 65520
expires: Wed, 24 Jul 2024 08:36:29 GMT

GET
H2 200 arena-holdings.logo.png
www.heraldlive.co.za/publication/custom/static/logos/ 17 KB
17 KB 343ms
42ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/arena-holdings.logo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 22:11:02 GMT
server: Google Frontend
age: 41531
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 1eb0e812fa0ab064567f53e78604c5eb
cache-control: public, max-age=86400
content-length: 17624
expires: Tue, 23 Jul 2024 22:11:02 GMT

GET
H2 200 entry.ca1dc543d6783a276ab2.bundle.js Show response
www.heraldlive.co.za/build/chunks/ 325 KB
116 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 55093063eb4245bee2b66d749388fddea8bfd336b75660785c9d507c9cec0e75

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:23:06 GMT
content-encoding: gzip
server: Google Frontend
age: 1207
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 98063fde5696d2efa5794f2c8d591d02
cache-control: public, max-age=31536000
content-length: 118858
expires: Wed, 23 Jul 2025 09:23:06 GMT

GET
H2 200 section.4cba9860520a06be48bf.bundle.js Show response
www.heraldlive.co.za/build/chunks/pages/ 563 KB
168 KB 237ms
236ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/pages/section.4cba9860520a06be48bf.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 062ded33f73d4ac3f83ba5cb3b340e75a7e69f029bb32eaa47ec97a584fa0897

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:16:43 GMT
content-encoding: gzip
server: Google Frontend
age: 8790
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: b5a210ed8a7209ed9023cf43085556d2
cache-control: public, max-age=31536000
content-length: 171618
expires: Wed, 23 Jul 2025 07:16:43 GMT

GET
H3 200 tag.js Show response
t.effectivemeasure.net/ 310 B
608 B 369ms
124ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1721
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a0a6797ea34236cfd5bef993fdeeee494cedbd1a4cb42e0e587f8eae0a86ba8

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksZA%2FxdqrgQ1CaEl3S7E0bH04I%2BGLILRuJmSd0%2BQBDie8jbeICm2lw13DKbAjZMVpKtUhOObqrHbOd1Mt%2B9vEgKB55qHU4Gd9lER6lBmDmWcidEbavid6%2BCxxfTdXwKt%2BHhwGTQC7AVQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cf-ray: 8a7ab9956ad2bd71-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
87 KB 543ms
83ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ae1eb1a0dca091a39fe88f414b82bcf7317c67f3ab9de1439c9727bf97b666a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88261
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Jul 2024 09:43:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 442ms
65ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 09:43:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=75, rtx=0, c=12, mss=1297, tbw=2803, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: g206Emsjlle9PpJfcqkjhxXAIrBG1C23236THO+f6GwtZv9ogWcMy2KkbyFg2hCqk2a9uD4dAbI/B7hMcRlIFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407180101/ 469 KB
146 KB 138ms
98ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4d1d8216cfd57c75709ab7f0c3975d9babbc14a64c2c98c4dbe9da6d0612a4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 08:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3382
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149652
x-xss-protection: 0
server: cafe
etag: 11140107661797359630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 23 Jul 2025 08:46:51 GMT

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.heraldlive.co.za/ 2 KB
2 KB 358ms
61ms XHR
text/javascript 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.heraldlive.co.za/scripts.js
Requested by: Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727251dbc6460e0cbb0e5d32df456d55620083dc35d4238e08c3b39c282bec31

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3376
x-amzn-requestid: c10eca8a-b6eb-43bb-89f4-a38475805a06
x-amz-apigw-id: bW4gVG51DoEEtFA=
content-length: 1572
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 12:58:56 GMT
server: cloudflare
etag: i5P9UYN0zJo9Clo4YESeNw==
x-amzn-trace-id: Root=1-669f6e01-3285b1c543f34d2a4a373b9e;Parent=287c58bbd6b963c1;Sampled=0;lineage=388d0713:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AsfVRpX42%2BP6BL%2FaHzLVy00jNGob1g%2BekE7WDVgLMrNCJMADBazK9oCshy5v44GAJ820QdQ%2FMNtFwWv5Zom0ScMBFg6aWwvJmOpqXtha348c5IH8hc%2FqMvZv6fBNlA%2FOBDsLxaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=300, no-transform
accept-ranges: bytes
cf-ray: 8a7ab99519c25321-LHR

GET
H2 200 TheWeekendPostLogo.png
www.heraldlive.co.za/publication/custom/static/logos/ 27 KB
0 267ms
267ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/TheWeekendPostLogo.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
server: Google Frontend
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 8ed142df6dc33e5a89f4f34c2eb550b0
cache-control: public, max-age=86400
expires: Wed, 24 Jul 2024 09:43:13 GMT

GET
H3 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
1 KB 255ms
123ms Script
application/javascript 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5620
etag: W/"5d9d0124-a4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jPTuHY%2BFwwhs9deMuv%2FCP718ekIIk4g9obkGawmEVYFxYM%2FlD2zBgURbBXt0iJpa62TjIHUOnG7G5YiVHj%2FI%2BifmO4pJq1C7jreL3N2qKjtGEbjdv6jUBMQ0T7CZmn%2ByTzc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
cf-ray: 8a7ab9956f449479-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 Herald-LIVE.png
www.heraldlive.co.za/publication/custom/static/logos/ 4 KB
4 KB 171ms
41ms Image
image/png 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldlive.co.za/publication/custom/static/logos/Herald-LIVE.png
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a4fc478877ae31d55a00ccd0a0aba78740623e34400b5417ef38b5ee2456e439

Request headers

Referer: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:19:38 GMT
server: Google Frontend
age: 37415
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: image/png
x-cloud-trace-context: 6d7b237959485e477b58588aba41f1b2
cache-control: public, max-age=86400
content-length: 4105
expires: Tue, 23 Jul 2024 23:19:38 GMT

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef75f6a856a2f070c51d231b6d47a150dfe847c4e96de88b826f83a941e468c1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 419 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28f84a5da577a1727b91c00ad1e8b55edd66a2fc114badc00ee8bc6c6d64b213

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ac0a59e92b15d8f33f485724aa0d32d27fc2ea606cf222639cbfb4209400c04

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce776db6760cfd1841280906b65e29af5764c1245be7249e2aed4127ce1906e5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b31f8d1c1d19165c14013ab3136508215508d830de43d2f99787b1450cd1ce5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c167008fdcefbcc45c3ddfbf32e1ed00793ffb7ba092d38197506cf147dd3ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 426 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e99632141913dc53583b474042f988d3e31b2749b1c52b25a950fcb82b22c208

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c5660cab0afda99715dfa914c8156056d8babc184c31db4f07759db0a539aeb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4dd85165b81e84e58b4f4f095b7fabee758184c6837e8a92c1ba96330c9d311

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd039902ea03a32c485a4ebae41a5a21055224460ef558c2532382959c2afbe2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 504 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e248de9c873d3c3a47b17457426144c61ba2d78f3f37d88614c2d68d6a321cd5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 446 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b24b4648287741c730d3f509c40424f2ec166d99ba3d58d6cae744700f7120a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 508 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c0d4466278c336e1945bf447dfc4c72b02b667ac32ba9226a00976542b92184

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1008 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c33cd7bde953773f327fe8d5c118cb135a519aee66921ac8777610ac91385be

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1574dcdf79afca1f83491527c5d1364fb9c1bf7ab96062f416225a0772295d82

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 428 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab85fe0279f5ef643d3aeffb948e7132440bed2fafdbd5c228477fec1d1c2c9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa851bade9a78d0aaccb7ed160e31dbde4975ee80674783452b90e1661695d08

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4f0d6adfac1d5eca4826e695251eb2384f1d465c71cb6c43f130a71c4feffba

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0fd89cb5114e08bd4b4baa1badd07cc45aab7fc3e085cc174c7632c221a84e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 452 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db8dcddcd1a1635f010ad594ed16d58d9c6261e89a2f111295f9a752deed838b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
www.heraldlive.co.za/build/publication/fonts/ 75 KB
76 KB 143ms
118ms Font
font/woff2 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/publication/fonts/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.css
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 12:00:23 GMT
server: Google Frontend
age: 78170
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: font/woff2
x-cloud-trace-context: d8916aea9a44f86df3689e260cbef2ff
cache-control: public, max-age=31536000
content-length: 77160
expires: Tue, 22 Jul 2025 12:00:23 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 385ms
150ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 15:27:45 GMT
x-content-type-options: nosniff
age: 584128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 15:27:45 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 345ms
110ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:42:14 GMT
x-content-type-options: nosniff
age: 10859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 06:42:14 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
23 KB 300ms
65ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400i|Lora:400,700|Montserrat:400,700|Raleway:700|Roboto+Condensed:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109736135dc84f02f379825bd2b48998e17068eaf1f085df5f52e80537a4257d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 15:27:42 GMT
x-content-type-options: nosniff
age: 65731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22744
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jul 2025 15:27:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 309ms
284ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d8ff791b6b75cfd2b051a7d98e747cdbd28219e51b8039042960841755569c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 09:43:13 GMT
content-md5: CvMM4q3hs26X58tKoGZnTg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=75, rtx=0, c=12, mss=1297, tbw=64194, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: FVQItQ/+Je4M0wiJ1APA2/SqMFdvhnsXZajaaeD2DB3a+qPTYMrqig0LTZBAExcUOwGoVcVkqgJnCPv+UicJWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4f348793a2909e9b4ff9a1ca2b6da7cb
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "56957d4d1787501ac9244ecd2ef84344"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 Jul 2024 10:01:03 GMT

POST
H3 200 track Show response
trackerapi.ebxcdn.com/v1/ 0
487 B 314ms
111ms XHR
application/octet-stream 172.67.212.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trackerapi.ebxcdn.com/v1/track?r=&l=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&sp=70&u=urn:traffic:applet:ybucedbf&tz=Europe/London

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.212.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
content-security-policy: default-src 'self'
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2K64K00X1nvDJACuX9JIAZAXYArFiXmAjQ9eH4%2B09dxpWv72BB6u0GTL%2B%2BfsZ8tnTSumYnWXsgynuocKGUv%2Flp6CuI%2FrfdmKUKYuHir1WfCUuQLLuWTmeion318CgDzPQEyA9Vg4o6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cf-ray: 8a7ab9988da34883-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 _mUsqMMEgVVm8Uin40gVW1uz8LtQDEd52Z-4B1BcVcTWAKw3X24iv43qEas2hgzU2gVo0GqeX3_1iIUDs6iZNLNhQvMqJ93LqZ4trpiyc1c=w460
lh3.googleusercontent.com/ 157 KB
157 KB 758ms
545ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_mUsqMMEgVVm8Uin40gVW1uz8LtQDEd52Z-4B1BcVcTWAKw3X24iv43qEas2hgzU2gVo0GqeX3_1iIUDs6iZNLNhQvMqJ93LqZ4trpiyc1c=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e78b3d1174879ec3bc6c7ba1c830a3a5182fd2ecc790f7470ffacdecd3360f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160553
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 QgdpqyWO1cSgsdXyfUjDwIoraVgFaxQEDNP_Jx8UoKULOmM2C6PVpC6emON5HeOz0zwadWIuTw9IIR1JolvMz4V1mwcIeHf2wpWqT00PjjPKrQ=w460
lh3.googleusercontent.com/ 178 KB
179 KB 451ms
238ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/QgdpqyWO1cSgsdXyfUjDwIoraVgFaxQEDNP_Jx8UoKULOmM2C6PVpC6emON5HeOz0zwadWIuTw9IIR1JolvMz4V1mwcIeHf2wpWqT00PjjPKrQ=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5c369577056a2a6af3b0ee3b66d2575a424fbca4bd1ba69ae40c64ab7851fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182409
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 fznVWMGv_6GrSw77yn1jkYgukMTNUP5GvYO8zUx3slOSX65BkfrhJ-bwuTQqnGjQ7D6zqitD_rxyFbLBYcQAI3h2FVr6eVhli6P5v1iL9c6k=w460
lh3.googleusercontent.com/ 66 KB
66 KB 526ms
314ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fznVWMGv_6GrSw77yn1jkYgukMTNUP5GvYO8zUx3slOSX65BkfrhJ-bwuTQqnGjQ7D6zqitD_rxyFbLBYcQAI3h2FVr6eVhli6P5v1iL9c6k=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b75db09a5d7635817f39f89829190ff05ace3708b08ad1bb03d765caa43c24fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67359
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 TyQewpsXXbh6yzchNreUgjL62-zrcC5r83BojlYV3Nk9Z22ezsbRdboZLNpLEjQ0u1HPFrq2MqmN7UPEL5uIE331l78KmvEfhPMjq0w3fMN8=w460
lh3.googleusercontent.com/ 61 KB
61 KB 870ms
658ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TyQewpsXXbh6yzchNreUgjL62-zrcC5r83BojlYV3Nk9Z22ezsbRdboZLNpLEjQ0u1HPFrq2MqmN7UPEL5uIE331l78KmvEfhPMjq0w3fMN8=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8a7f8a4f0dc7383c9b74d5700fb0bceff126a0a7bd58316151bb769f746565e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62031
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 HeNyn7bkoc3vg3qR4-0kwb19DWT_SpnEDID65VKLoCCh9GAhXb17VUvoUGXce44XidVq8iKLR0loZHFlTIMYZ9DtYVwZdTbbSXJhqhmE0zwM=w460
lh3.googleusercontent.com/ 303 KB
303 KB 911ms
699ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HeNyn7bkoc3vg3qR4-0kwb19DWT_SpnEDID65VKLoCCh9GAhXb17VUvoUGXce44XidVq8iKLR0loZHFlTIMYZ9DtYVwZdTbbSXJhqhmE0zwM=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f04e147fe554c3690764426dc276dcc67d7d1e497bb03c4e6b0b3d4631c8be8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309837
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 Ow3b69l-Xw-NbXo2csHyhDPoPeEei86Qua-dqhoVB2W1lgnk-Vf50HQJ_SgOU-MFzQU4g7QVmlQ8vhMcIfJUHWA_4Zz47UUgSI-bfYqjdHZw=w460
lh3.googleusercontent.com/ 40 KB
40 KB 701ms
489ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Ow3b69l-Xw-NbXo2csHyhDPoPeEei86Qua-dqhoVB2W1lgnk-Vf50HQJ_SgOU-MFzQU4g7QVmlQ8vhMcIfJUHWA_4Zz47UUgSI-bfYqjdHZw=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d95e1abf1b719ee4878735c90c7be8c23c1d9a7d6b10ccd115eb45aa018861dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41247
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 jvE6qOgYs9JnyG2CI9fx9W-f9qBj_9eK2dWB1JFrn_7eU9BhciDYQpNpe3ZKYjjTyPtzk9t6NCTtR8soMls3FpKXPmr5OTsnu6hd_y41nyg-=w225
lh3.googleusercontent.com/ 23 KB
23 KB 518ms
517ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jvE6qOgYs9JnyG2CI9fx9W-f9qBj_9eK2dWB1JFrn_7eU9BhciDYQpNpe3ZKYjjTyPtzk9t6NCTtR8soMls3FpKXPmr5OTsnu6hd_y41nyg-=w225

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2f710e11a1aaa018339300dda3b3c8242d750378ca39a1e19df6148d3c8f328e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23501
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 4.8d38b2b9de0261817fd0.bundle.css
www.heraldlive.co.za/build/publication/ 29 KB
6 KB 79ms
77ms Stylesheet
text/css 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/publication/4.8d38b2b9de0261817fd0.bundle.css
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6929bd28b251e2f2422e60ea53fe985df8c7810a7292d762160f7310966e8e8a

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:19:38 GMT
content-encoding: gzip
server: Google Frontend
age: 37416
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: fa589916ae1df0a205ce98f8af99301e
cache-control: public, max-age=31536000
content-length: 6051
expires: Tue, 22 Jul 2025 23:19:38 GMT

GET
H2 200 oo~d9aca0d0.8d38b2b9de0261817fd0.bundle.js Show response
www.heraldlive.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/ 196 KB
63 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/oo~d9aca0d0.8d38b2b9de0261817fd0.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0b49785e62282d78098e59a809f82fac5399ca5061a253a71c24ef637f02bea2

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 12:28:29 GMT
content-encoding: gzip
server: Google Frontend
age: 162885
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: d8ef50e8ee9261c5bbe12c0cbdcf30b0
cache-control: public, max-age=31536000
content-length: 64095
expires: Mon, 21 Jul 2025 12:28:29 GMT

GET
H2 200 oovvuu-edit-dialog-index-js.394ed92ef05a88360a6b.bundle.js Show response
www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/ 45 KB
10 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.394ed92ef05a88360a6b.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: dc52ec218764bf1bc3f435496addfeeb1da1ca7a5044d0c4c7c6c10bfa8b1adc

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 23:07:04 GMT
content-encoding: gzip
server: Google Frontend
age: 38170
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: b43b14ab453617b85d5334b545b484e8
cache-control: public, max-age=31536000
content-length: 9769
expires: Tue, 22 Jul 2025 23:07:04 GMT

GET
H2 200 entry.shell.js.bcd30ed4b3d231da5eb0.bundle.js Show response
www.heraldlive.co.za/build/chunks/base/app/entry/ 18 KB
7 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/base/app/entry/entry.shell.js.bcd30ed4b3d231da5eb0.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3ae0a1326e3444deb5fd47c4bda1570f6ddf0fc93fda4ee951829a2afe5f6fa4

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 21:02:23 GMT
content-encoding: gzip
server: Google Frontend
age: 45651
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 2333544d5be09bbe79d702c8148d1872
cache-control: public, max-age=31536000
content-length: 7016
expires: Tue, 22 Jul 2025 21:02:23 GMT

GET
H3 200 ok6.js Show response
a11ybar.com/ 141 B
557 B 178ms
79ms Script
text/javascript 172.67.136.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a11ybar.com/ok6.js
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1721
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: ae723359f13e5593e4c492c99a8d4751a3349efc137fb3ea701a991c4867b242

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wU7osLxRHk%2Fkf3QPYnDzxCRuP3kojhyojvH%2F486AZE1RZ0Z2dcUQxlYuhTMcgT607v09kfpdLp7G61Nqw8SW%2FK1zbVkUnyLyWNuHPX6fTIqDgaCS9x0QWrSEq1hJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cf-ray: 8a7ab99c1d817689-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 180ms
53ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 09:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 133
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 23 Jul 2024 11:41:01 GMT

GET
H3 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
5 KB 152ms
63ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 929720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4996
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWvlHArWNYPWeDFfdKBb5YbLwwvKKjp1uAxS6Is84qj3zUR%2BpZfu6E1yE7G4dasQWpPPjEeA1ZGe5E1dHtxUrFQV%2FC0avTXFcuhnkCU3PeYNlI1v0Pk0EPb%2FmsFGQZC9XIFBA50Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a7ab99c0a096535-LHR
expires: Sun, 13 Jul 2025 09:43:14 GMT

GET
H2 200 22877425870 Show response
fundingchoicesmessages.google.com/i/ 201 KB
67 KB 391ms
102ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22877425870?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

079bb72baefbfce950b8bced236725fba7e39336f318bc1700744b2f648c0b7b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TsBaj7hfClrI_x2mVc__ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TsBaj7hfClrI_x2mVc__ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HJu-_d3CJvDg4IFjzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBuZGhnoG5vEFBgDZ6D0P"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2837651136267650 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 168ms
158ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2837651136267650?v=2.9.162&r=stable&domain=www.heraldlive.co.za&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ae601be1f59bcf6451e6e0c3706c56eb25a99d09796e165d63be13d94e2e660

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 09:43:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=69, mss=1297, tbw=66372, tp=-1, tpl=-1, uplat=68, ullat=0
pragma: public
x-fb-debug: Mewg/VR2+JB8JSkvqEtrO0SYKke6rACLfej7zCKj/+e8xPqUWJ37EGD+M9ECNupW9kZlbT29d8v70ouv+QYs/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
weatherwidget.io/w/ Frame 2080 0
0 214ms
129ms Document
text/html 172.67.181.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 8993
alt-svc: h3=":443"; ma=86400
cache-control: public; max-age=14400
cf-cache-status: HIT
cf-ray: 8a7ab99e3edc531c-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 23 Jul 2024 09:43:14 GMT
last-modified: Tue, 23 Jul 2024 06:51:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekJ9VMN3BVT1RN20M3Y7Pn9YRh%2FuqcZ3QBh0mr23YxVOIWMGYzlL69%2BWLjozpWIeORLpCPpudaxbJ1ztMpzOBfayUYE9Hjx0mkZOkm3OtF5ofalbtTRH2jqIQumSfmqnSgeM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 315ms
81ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f143e28a6afe4c84997f08dcf27e6c90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

f9abfd62c47254ab07979102d38d0ed8ca062abee6bffd2ad77a085bc5374431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jul 2024 09:43:15 GMT
content-md5: qlSIx3dAGCGpxE3xaYittA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87601
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=4, c=4, mss=1232, tbw=9335, tp=15, tpl=4, uplat=0, ullat=-1
x-fb-debug: /CUwvJZJ2kQMZ3biCAkdhHXY1atME52r0mqk2Z+vC63ldlFwG2fn3nNamXqiYZrQv1Gk4K2mr9RV73uR+Y6wsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: aed49e9096398ec1192d3777731a6c43
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6af28dffdb42edc4072d93ae5dabd55c"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Jul 2025 08:00:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
99 KB 203ms
57ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1346c1a64bda95f1bbe57121280cfb71310f2ff6771cb70811b3261b7aad3cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 09:43:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
100 KB 237ms
114ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BWERR8GS85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RR9NN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4fc3fb3beabd2be48b1a33ac4cb87015fe36ab8d98f884260f6c068ba680b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 09:43:15 GMT

GET
H2 200 vidoomy-player.js Show response
vpaid.vidoomy.com/player/latest/ 401 KB
109 KB 680ms
94ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by: Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/heraldlive_21134.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 02468826512005bea8059b5d2fe96e65a9bf1d716b61a5a082477034cd48da48

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Jul 2024 09:43:15 GMT
content-encoding: gzip
x-amz-request-id: tx00000b3caa0f728f3b201-006698c161-688b349-prg
x-accel-date-max: 1721287010
x-77-cache: HIT
x-cache: HIT
x-amz-storage-class: STANDARD
x-age: 440785
x-accel-date: 1721287010
alt-svc: h3=":443"; ma=86400
x-77-nzt: A5ySIYg3Nzf/0bkGACUTwjQ3Nzf/AAAAAFm7vKbQZ9QA
x-accel-expires: @1722323810
x-77-age: 440785
last-modified: Thu, 18 Jul 2024 07:16:35 GMT
server: CDN77-Turbo
x-amz-meta-s3cmd-attrs: atime:1721286989/ctime:1721286989/gid:116/gname:jenkins-exec/md5:c0d035738dab5e297abab955a0dba454/mode:33188/mtime:1721286989/uid:116/uname:jenkins-exec
etag: W/"c0d035738dab5e297abab955a0dba454"
x-77-nzt-ray: f6587a1d36c8915d337b9f66489de824
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
access-control-allow-credentials: true

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=7015c456-b5ed-4c76-a897-c3c98a40d6f5&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_05146a5e-7985-43c6-8da5-e8bd6681a41d&bsw_param=7015c456-b5ed-4c76-a897-c3c98a40d6f5&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7015c456-b5ed-4c76-a897-c3c98a40d6f5

43 B
650 B

1131ms
305ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7015c456-b5ed-4c76-a897-c3c98a40d6f5
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:17 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7015c456-b5ed-4c76-a897-c3c98a40d6f5
Date: Tue, 23 Jul 2024 09:43:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 689ms
65ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553

43 B
670 B

262ms
77ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:17 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

date: Tue, 23 Jul 2024 09:43:17 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=0da8d2e1-6e6d-4521-8874-40849641f1ee-669f7b33-5553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
497 B 625ms
56ms Image
image/gif 2607:ae80:192:1::176
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jul 2024 09:43:15 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1721727795790021-401

GET
H3 200 stat.js Show response
a11ybar.com/ 771 B
610 B 122ms
120ms Script
application/javascript 172.67.136.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a11ybar.com/stat.js
Requested by: Host: a11ybar.com
URL: https://a11ybar.com/ok6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: dfe4146c226afab7a30c7dfa36827f2572a708f1fc96c8fa9247910c5005088c

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptI%2FDT4Xwjta2olFGctvGzOIeeETW7B6dDDK9RwQj3P1nB8CtnxoHkDpIZTL8gekpC%2Bw5x7NOegcitUms3AMS1XufV5AVzfnHJqjdBC4zKXBAId%2FGbNNwl0CdPhmgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 8a7ab99fa88a7689-LHR
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 109ms
75ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=497523727&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&ul=en-gb&de=UTF-8&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAEKAB~&jid=1786721695&gjid=506187988&cid=680511952.1721727795&tid=UA-2619645-1&_gid=849401307.1721727795&_r=1&_slc=1&gtm=45He47h0n81T2RR9NNv78478613za200&cd1=&cd2=no&cd3=&cd4=n%2Fa&cd5=&cd6=no&cd7=&cd8=Section&cd9=no&cd10=&cd11=&cd12=your-weekend&cd13=weekend%20%2C%20what%20to%20do%20in%20pe%20on%20the%20weekend%2C%20eastern%20province%20herald%20sports%2C%20port%20elizabeth%20news%20paper%2C%20ep%20herald%2C%20eastern%20cape%20news%20headlines%2C%20the%20ep%20herald%20online%2C%20port%20elizabeth%20herald%20classifieds%20social%2C%20lifestyle%2C%20my%20herald%2CCompetitions&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=1721727793071&cd27=0&cd28=&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=107610532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
269 B 641ms
74ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&rl=&if=false&ts=1721727795567&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1721727795455.31729511940734607&ler=empty&cdl=API_unavailable&it=1721727794769&coo=false&rqm=GET

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=10, mss=1297, tbw=2794, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 23 Jul 2024 09:43:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 819ms
255ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2837651136267650&ev=PageView&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&rl=&if=false&ts=1721727795567&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1721727795455.31729511940734607&ler=empty&cdl=API_unavailable&it=1721727794769&coo=false&rqm=FGET

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 23 Jul 2024 09:43:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394764577566409319", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1297, tbw=3107, tp=-1, tpl=-1, uplat=175, ullat=1
pragma: no-cache
x-fb-debug: d9q5aIgC0G45NaUrQCb34gyTsIh5vVoLt9SDk1cLCvwfY5pAYnazS7h0M04fukAOolltncHoQzkaaJ2XGdEZdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394764577566409319"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 AGSKWxWs_bKYy8eCxvs_kDIl3SbXVeWI_vsXRIlfUXpU4PZ3b4sTx_h5RzUzbxUHTKYpnBu9VraYHpNTErJgkRRDYOyyNC66NVQXXWo7Z5TvkXAkunfnZWYDXbZ1S9tpXRFVTRL5BaVvkw== Show response
fundingchoicesmessages.google.com/f/ 392 KB
60 KB 159ms
158ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWs_bKYy8eCxvs_kDIl3SbXVeWI_vsXRIlfUXpU4PZ3b4sTx_h5RzUzbxUHTKYpnBu9VraYHpNTErJgkRRDYOyyNC66NVQXXWo7Z5TvkXAkunfnZWYDXbZ1S9tpXRFVTRL5BaVvkw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNzI3Nzk1LDc0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVyYWxkbGl2ZS5jby56YS93ZWVrZW5kLXBvc3QveW91ci13ZWVrZW5kLyIsbnVsbCxbWzgsImpaM3Nnc0tvS0ZZIl0sWzksImVuLUdCIl0sWzIyLCJ0cnVlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.jZ3sgsKoKFY.es5.O/am=Mhg/d=1/rs=AJlcJMxli0VGzJRmqI8WAipogNXjxeslUg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5153726d016f99993ed46e34ab12e3f48f39cdd2708677092345b925815f772b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aZFQ4OC72S9KYhgJOpgcSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-aZFQ4OC72S9KYhgJOpgcSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgNlS4xGoPxEI8HJu__d3CJrBi0sw1zEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBuZGhnoG5vEFBgC8nDxp"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
korfo.org/vu/a/ Frame BF6E
Redirect Chain

https://nethcdn.com/stat
https://korfo.org/vu/a/

0
0

232ms
64ms

Document
text/html

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://korfo.org/vu/a/
Requested by: Host: a11ybar.com
URL: https://a11ybar.com/stat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Jul 2024 09:43:16 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a7ab9a70d619407-LHR
content-type: text/html; charset=UTF-8
date: Tue, 23 Jul 2024 09:43:16 GMT
location: https://korfo.org/vu/a/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qy3oDK24RhqhQ6pee8X27sUPlROI8%2Fr6kGQDH6VOV8fNTLcMbkG%2BPKJnRosTIfCES7CozQDJZ%2FilW6u905bMyG7XNkaKNY84c4rGreCD9%2F5Iy2NBbKFVsrQpWPzQwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

/
best.aliexpress.com/ Frame 1A9C
Redirect Chain

https://powered-by-revidy.com/a
https://korfo.org/to2/aliexpress.com/
https://s.click.aliexpress.com/deep_link.htm?aff_short_key=_ePNSNV&dl_target_url=https%3A%2F%2Fbest.aliexpress.com&dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&u...
https://best.aliexpress.com/?dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=73b0a59254844f3d90693630a...

0
0

1176ms
540ms

Document
text/html

184.30.210.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/?dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&terminal_id=58ebfd2c14aa4369ad5b4b5c3dac870e

Requested by

Host: a11ybar.com
URL: https://a11ybar.com/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

184.30.210.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-210-6.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 23 Jul 2024 09:43:19 GMT
eagleeye-traceid: 211b664d17217277988952987ec9ce
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
server-timing: ak_p; desc="1721727798711_388358814_71742061_46729_16196_55_0_255";dur=1
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-akamai-fwd-auth-data: 1010939434, 23.37.226.158, 1721727799, 82.199.130.40
x-akamai-fwd-auth-sha: 993CE616C9099B682BAC7DCF46FE2027FC094FDFE5A66BC760013888FCC172AF
x-akamai-fwd-auth-sign: hBODspcvnzXmdMlhohAEue1nxjtxJSRZ8p21x4CggGW0/+4hiPagqk88lVfAF1fOriWfz96Y+QtvNelGR2tAaE37g9KU8qo+hgW8KLMzf4g=
x-application-context: ae-fn-gateway-f:7001

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Tue, 23 Jul 2024 09:43:18 GMT
eagleeye-traceid: 210384cc17217277979876478e716c
expires: 0
location: https://best.aliexpress.com?dp=0a459a792846dad9cded4522a8eb6069&af=656490&cv=47843&afref=&utm_source=admitad&utm_medium=cpa&utm_campaign=656490&utm_content=47843&aff_fcid=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&aff_fsk=_ePNSNV&aff_platform=portals-tool&sk=_ePNSNV&aff_trace_key=73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV&terminal_id=58ebfd2c14aa4369ad5b4b5c3dac870e
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
server-timing: ak_p; desc="1721727797217_388358814_71741324_2336_14828_57_757_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 631975815, 23.37.226.158, 1721727798, 82.199.130.40
x-akamai-fwd-auth-sha: FFA4F31AD3AD4F60CFD6E84770B7EFD3B1FB61C776389B8FD242CC6B16DD3B37
x-akamai-fwd-auth-sign: BpiIen+8Xw/NBVPMOAz8HZ1IThp2zfartZHPiawlfPTID+m+tc3YWOy6cfd3tDrAHssQI7pMjw82VnQysnQ8t3cMSMaQyF7yL6oz/oZyDE4=
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 _mUsqMMEgVVm8Uin40gVW1uz8LtQDEd52Z-4B1BcVcTWAKw3X24iv43qEas2hgzU2gVo0GqeX3_1iIUDs6iZNLNhQvMqJ93LqZ4trpiyc1c=w460
lh3.googleusercontent.com/ 157 KB
0 1ms
0ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_mUsqMMEgVVm8Uin40gVW1uz8LtQDEd52Z-4B1BcVcTWAKw3X24iv43qEas2hgzU2gVo0GqeX3_1iIUDs6iZNLNhQvMqJ93LqZ4trpiyc1c=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e78b3d1174879ec3bc6c7ba1c830a3a5182fd2ecc790f7470ffacdecd3360f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160553
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

GET
H2 200 HeNyn7bkoc3vg3qR4-0kwb19DWT_SpnEDID65VKLoCCh9GAhXb17VUvoUGXce44XidVq8iKLR0loZHFlTIMYZ9DtYVwZdTbbSXJhqhmE0zwM=w460
lh3.googleusercontent.com/ 303 KB
0 1ms
1ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HeNyn7bkoc3vg3qR4-0kwb19DWT_SpnEDID65VKLoCCh9GAhXb17VUvoUGXce44XidVq8iKLR0loZHFlTIMYZ9DtYVwZdTbbSXJhqhmE0zwM=w460

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f04e147fe554c3690764426dc276dcc67d7d1e497bb03c4e6b0b3d4631c8be8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309837
x-xss-protection: 0
expires: Wed, 24 Jul 2024 09:43:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 372ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BWERR8GS85&gtm=45je47h0v9115178239z878478613za200zb78478613&_p=1721727793072&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=95250753&cid=680511952.1721727795&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721727796&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&en=page_view&_fv=1&_ss=1&ep.UID=&tfd=6129&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BWERR8GS85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 135ms
124ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.jZ3sgsKoKFY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw0aPtRtlq2_v9NQ70St80oPhCyOg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4dafdd94f789a13c39c29335b6cee9a513669c60d779ffb1f19c50f4b1b0c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jul 2024 09:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 09:43:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jul 2024 09:43:16 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 76ms
60ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 12:26:16 GMT
x-content-type-options: nosniff
age: 595020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 12:26:16 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 118ms
107ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/
Origin: https://www.heraldlive.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 07:51:59 GMT
x-content-type-options: nosniff
age: 6677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 07:51:59 GMT

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
54 B 132ms
88ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JNNJWFKJ2E&gtm=45je47h0v869910990z878478613za200zb78478613&_p=1721727793072&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=680511952.1721727795&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1721727795&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&en=page_view&_fv=1&_ss=1&ep.uid=&ep.publish_date=&tfd=6857&_z=fetch
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 458ms
80ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JNNJWFKJ2E&cid=680511952.1721727795&gtm=45je47h0v869910990z878478613za200zb78478613&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNNJWFKJ2E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWf5yrlF4T64zzDurntqfUHqxTQJfWSWFR58WTawIky3rsa13_sKPBY2jogHCYlmxshIyQzQrUkTFLAMNE9nhvoP1W4Y3DH5Y8vnRueetpNbp_gbt_HIqhdYwHURcNO3kzOSaOg_A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 370ms
92ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWf5yrlF4T64zzDurntqfUHqxTQJfWSWFR58WTawIky3rsa13_sKPBY2jogHCYlmxshIyQzQrUkTFLAMNE9nhvoP1W4Y3DH5Y8vnRueetpNbp_gbt_HIqhdYwHURcNO3kzOSaOg_A==

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g0VTbma9PXqNqKfj-WsnOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jul 2024 09:43:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g0VTbma9PXqNqKfj-WsnOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzbH1298tbAILOi_KK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTA3NDMz0D8_gCAwAyiyuU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWf5yrlF4T64zzDurntqfUHqxTQJfWSWFR58WTawIky3rsa13_sKPBY2jogHCYlmxshIyQzQrUkTFLAMNE9nhvoP1W4Y3DH5Y8vnRueetpNbp_gbt_HIqhdYwHURcNO3kzOSaOg_A==

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lYVziFHNd0PFYE0Y1aAIHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jul 2024 09:43:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lYVziFHNd0PFYE0Y1aAIHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQtwcW7_93cImMOP3Wikll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgbmimZ2AeX2AAAEWpK9Y"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 387ms
107ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JNNJWFKJ2E&cid=680511952.1721727795&gtm=45je47h0v869910990z878478613za200zb78478613&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=280063240

Requested by

Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
0 98ms
98ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3aa72da4fe5441833ebe1811d16086b8414a85c0f0cae2d476cfe56e556fe4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31965
x-xss-protection: 0
server: cafe
etag: 762 / 19927 / m202407180101 / config-hash: 18245854391771438746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Jul 2024 09:43:12 GMT

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK get Show response
ad.vidoomy.com/api/adserver/ad/ 3 KB
3 KB 587ms
347ms XHR
text/plain 212.36.83.216
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWhlcmFsZGxpdmUuY28uemEmZm9ybWF0PTEmdT1mMDg0NDE5ZC0wM2Y5LTQ4NDMtOGRjOC1mMDY5MzhkYmJmMzMmem9uZUlkPTI4NDczJmxvb3A9MCZjU3RyaW5nU3RhdHVzPW5vdC1mb3VuZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGd3d3LmhlcmFsZGxpdmUuY28uemElMkZ3ZWVrZW5kLXBvc3QlMkZ5b3VyLXdlZWtlbmQlMkYmcHZlcnNpb249My4xNi4xMiZ0aW1lRWxhcHNlZD0wLTEuOTk=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash: e6516ba5da19a47af8adab45ff85937984bdf6d865b4b356deec1da7907ee3a0

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Content-Transfer-Encoding: base64
vidoomy-brandlift: W10=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:18 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Content-Transfer-Encoding: base64
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 3140

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=0&_fw_gdpr_consent=
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=907d13bf63a24fcddc99924af7474e1&_fw_gdpr=0&_fw_gdpr_consent=

43 B
642 B

546ms
295ms

Image
image/gif

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=907d13bf63a24fcddc99924af7474e1&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: HTTP/1.1
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:17 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 23 Jul 2024 09:43:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=907d13bf63a24fcddc99924af7474e1&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1721727797222026-408

GET
H2 200 entry.shell.js.781bae73db5f54e60988.bundle.js Show response
www.heraldlive.co.za/build/chunks/custom/app/entry/ 4 KB
1 KB 209ms
110ms Script
text/javascript 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldlive.co.za/build/chunks/custom/app/entry/entry.shell.js.781bae73db5f54e60988.bundle.js
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/build/chunks/entry.ca1dc543d6783a276ab2.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8513fc21eded455109b9c58534ff0582495a486c74a86d5d6f26ca77c456391a

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 16:10:20 GMT
content-encoding: gzip
server: Google Frontend
age: 63177
etag: "rBfS_Q"
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: 0812a492e0888468d82e0d270f8db3dc
cache-control: public, max-age=31536000
content-length: 1270
expires: Tue, 22 Jul 2025 16:10:20 GMT

OPTIONS
H/1.1 200
OK get
ad.vidoomy.com/api/adserver/ad/ Frame 0
0 1206ms
81ms Preflight 212.36.83.216
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPWhlcmFsZGxpdmUuY28uemEmZm9ybWF0PTEmdT1mMDg0NDE5ZC0wM2Y5LTQ4NDMtOGRjOC1mMDY5MzhkYmJmMzMmem9uZUlkPTI4NDczJmxvb3A9MCZjU3RyaW5nU3RhdHVzPW5vdC1mb3VuZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGd3d3LmhlcmFsZGxpdmUuY28uemElMkZ3ZWVrZW5kLXBvc3QlMkZ5b3VyLXdlZWtlbmQlMkYmcHZlcnNpb249My4xNi4xMiZ0aW1lRWxhcHNlZD0wLTEuOTk=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Request-Method: GET
Origin: https://www.heraldlive.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Content-Length: 0
Date: Tue, 23 Jul 2024 09:43:18 GMT
Server: nginx

GET
H2 200 spcnew2.php Show response
leo.vic-m.co/adserver/delivery/ 1 B
292 B 1147ms
106ms Script
text/html 13.58.45.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://leo.vic-m.co/adserver/delivery/spcnew2.php?zones=banner_12415875%3D2228%7C&nz=1&r=57999397&w=1600&h=1200&o=landscape&vicinity_id=67cbad15-2f3b-4943-bad4-562dd1258ad0&vicm2&timezone=1&cid=undefined&url=https://www.heraldlive.co.za/weekend-post/your-weekend/&l=&click_macro=&acceptedLocReq=0&referer=https%3A//www.heraldlive.co.za/weekend-post/your-weekend/
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.58.45.4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-45-4.us-east-2.compute.amazonaws.com
Software: nginx/1.12.1 / PHP/7.1.15
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:18 GMT
server: nginx/1.12.1
x-powered-by: PHP/7.1.15
content-type: text/html; charset=UTF-8

GET
H/1.1 204
No Content gtm.php Show response
banner.vic-m.co/adserver/delivery/ 0
176 B 1225ms
244ms Script
text/html 41.76.214.250
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.vic-m.co/adserver/delivery/gtm.php?t=23%2F07%2F2024%2C%2010%3A43%3A17&z=2228&m=&l=&r=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&c=0.997&v=67cbad15-2f3b-4943-bad4-562dd1258ad0&w=1600&h=1200&e=e466ad6d7ba29ce6fa3f111cc0d45640&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2228
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.76.214.250 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: tla.dedicated.co.za
Software: nginx/1.16.1 / PHP/7.3.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:41:40 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/7.3.27
Content-Type: text/html; charset=UTF-8

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 105ms
103ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:19 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
630 B 539ms
177ms XHR
application/xml 3.73.24.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0,1!vidoomy.com,63457,1,&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.24.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-24-37.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Tue, 23 Jul 2024 09:43:19 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 9643

GET
H2 200 715072 Show response
vid.springserve.com/vast/ 2 KB
1 KB 388ms
56ms XHR
application/xml 18.203.16.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/715072?w=400&h=225&cb=385671&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.16.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-16-123.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 357f9c35026eb85f7633500dc256a1355d0fb3c8b5ee21aa73232babf3d2b8d6

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.heraldlive.co.za
date: Tue, 23 Jul 2024 09:43:19 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 104ms
103ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=441634&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:19 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 179ms
178ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:19 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 469ms
469ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:19 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 180ms
179ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=441634&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:19 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 340ms
146ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=441634&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:19 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 vpaid_e12af736.js Show response
vpaid.springserve.com/production/ Frame F598 531 KB
91 KB 390ms
65ms Script
application/javascript 2600:9000:206f:3600:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_e12af736.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3600:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb7ab9c6912a5304d5e3eeb671c1c1e858ce78bd7234f94cfd1efd55a28af698

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 17:18:21 GMT
content-encoding: br
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jul 2024 20:19:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1009500
etag: W/"6ef937ae8a87ef289ddf38c1c000b5b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: C7Wqg12QHFqe6iQ69-BxuQPSbFGfibY-3NTf7ZBj-U96CV3fwpmw1Q==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame F598 1011 B
864 B 448ms
128ms XHR
application/xml 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_e12af736.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 461c1ba2d999d0f384313628be38a57d7d1b7bc666185288bd7041617cebd002

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:21 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 624
expires: Tue, 23 Jul 2024 09:43:21 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame F598 1004 B
859 B 448ms
130ms XHR
application/xml 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_e12af736.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 492ea3e7df7602afbacadd67398f726900029ccec7139033e501f03a13c89927

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:21 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 620
expires: Tue, 23 Jul 2024 09:43:21 GMT

POST
H2 200 i
vid-io-dub.springserve.com/vd/ Frame F598 0
155 B 445ms
128ms Ping
text/plain 52.212.85.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&batch=heavy_ads
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_e12af736.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.85.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-85-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.heraldlive.co.za
date: Tue, 23 Jul 2024 09:43:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
45 B 65ms
63ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BWERR8GS85&gtm=45je47h0v9115178239z878478613za200zb78478613&_p=1721727793072&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=95250753&cid=680511952.1721727795&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1721727796&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&dt=Your%20Weekend%20%7C%20The%20Weekend%20Post&en=SubsStatus&ep.UID=&ep.Subscriber=no&_et=3&tfd=11352&_z=fetch
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 09:43:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldlive.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame C040 159 KB
38 KB 72ms
53ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:21 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H2 200 showad.js
ads.pubmatic.com/AdServer/js/ Frame 0AEF 0
0 221ms
60ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=66074
content-encoding: gzip
content-length: 14331
content-type: text/html
date: Tue, 23 Jul 2024 09:43:22 GMT
expires: Wed, 24 Jul 2024 04:04:36 GMT
last-modified: Wed, 05 Jun 2024 06:37:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C040 39 KB
14 KB 77ms
72ms Script
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 351e903753c5f1256e3afdd5b3d66a1091e65507f1ee879737c81bdb4f2d2b9e

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:21 GMT
content-encoding: gzip
last-modified: Wed, 05 Jun 2024 06:37:25 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=66075
accept-ranges: bytes
content-length: 14331
expires: Wed, 24 Jul 2024 04:04:36 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame C040 27 B
339 B 285ms
63ms XHR
application/xml 198.47.127.206
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,&us_privacy=&cb=1721727801944&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.heraldlive.co.za%252Fweekend-post%252Fyour-weekend%252F&screenResolution=1600x1200&kdntuid=1&vwndh=150&vwndw=0&vwndurl=https%253A%252F%252Fwww.heraldlive.co.za%252Fweekend-post%252Fyour-weekend%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-7-23%2010:43:22&ranreq=0.5865572382946238&timezone=1&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,1721727799391,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: NGNADS /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:22 GMT
content-encoding: gzip
pmfcgi-resp: TRUE
server: NGNADS
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.heraldlive.co.za
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame C040 0
91 B 245ms
58ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1721727803&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 23 Jul 2024 09:43:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 8E61 159 KB
38 KB 54ms
54ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:23 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H2 200 track
st.pubmatic.com/ Frame F598 0
49 B 58ms
58ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1721727801&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 23 Jul 2024 09:43:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 showad.js
ads.pubmatic.com/AdServer/js/ Frame 1251 0
0 0ms
0ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=66074
content-encoding: gzip
content-length: 14331
content-type: text/html
date: Tue, 23 Jul 2024 09:43:22 GMT
expires: Wed, 24 Jul 2024 04:04:36 GMT
last-modified: Wed, 05 Jun 2024 06:37:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8E61 39 KB
0 77ms
72ms Script
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 351e903753c5f1256e3afdd5b3d66a1091e65507f1ee879737c81bdb4f2d2b9e

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:21 GMT
content-encoding: gzip
last-modified: Wed, 05 Jun 2024 06:37:25 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=66075
accept-ranges: bytes
content-length: 14331
expires: Wed, 24 Jul 2024 04:04:36 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 8E61 27 B
126 B 65ms
62ms XHR
application/xml 198.47.127.206
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4&us_privacy=&cb=1721727803153&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.heraldlive.co.za%252Fweekend-post%252Fyour-weekend%252F&screenResolution=1600x1200&kdntuid=1&vwndh=150&vwndw=0&vwndurl=https%253A%252F%252Fwww.heraldlive.co.za%252Fweekend-post%252Fyour-weekend%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-7-23%2010:43:23&ranreq=0.5214031349600692&timezone=1&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=1=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&schain=1.0,1!vidoomy.com,63457,1,&plcmt=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: NGNADS /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:43:23 GMT
content-encoding: gzip
pmfcgi-resp: TRUE
server: NGNADS
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.heraldlive.co.za
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 8E61 0
49 B 82ms
81ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1721727804&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 23 Jul 2024 09:43:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 track
st.pubmatic.com/ Frame F598 0
49 B 102ms
56ms Image
text/plain 185.64.189.221
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1721727801&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 23 Jul 2024 09:43:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET i
vid-io-sin.springserve.com/vd/ Frame F598 0
0

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame F598 43 B
206 B 805ms
251ms Image
image/gif 35.81.64.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.437974&dtidx=1&cc_i=0&response_time=472&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6181312
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.64.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-64-53.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 09:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET i
vid-io-sin.springserve.com/vd/ Frame F598 0
0

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame F598 43 B
205 B 474ms
108ms Image
image/gif 35.171.96.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.1183021&dtidx=1&cc_i=0&response_time=486&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2753523
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.96.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-96-17.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 09:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame F598 43 B
205 B 789ms
251ms Image
image/gif 35.81.64.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=js_demand_error&a_cc=s.715072-d.437974&dtidx=1&cc_i=0&response_time=1328&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8093882
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.64.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-64-53.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 09:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame F598 43 B
206 B 458ms
109ms Image
image/gif 35.171.96.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=js_demand_opportunity&a_cc=s.715072-d.1183021&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1800676
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.96.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-96-17.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 09:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame F598 43 B
205 B 458ms
109ms Image
image/gif 35.171.96.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=js_demand_error&a_cc=s.715072-d.1183021&dtidx=1&cc_i=0&response_time=843&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3921691
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.96.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-96-17.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 09:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame F598 43 B
205 B 459ms
111ms Image
image/gif 35.171.96.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=js_supply_error&time_on_page=2672&reason=NO_FILL&timeout=false&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&a_cc=s.715072&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7647360
Requested by: Host: www.heraldlive.co.za
URL: https://www.heraldlive.co.za/weekend-post/your-weekend/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.96.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-96-17.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Jul 2024 09:43:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

POST
H/1.1 200
OK e Show response
ad.vidoomy.com/api/adserver/tracking/ 28 B
460 B 268ms
126ms XHR
text/plain 212.36.83.216
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/tracking/e?data=ZXZlbnQ9QWRUYWdSZXF1ZXN0JmZvcm1hdD0xJmlkPSZkb21haW49aGVyYWxkbGl2ZS5jby56YSZ1PWYwODQ0MTlkLTAzZjktNDg0My04ZGM4LWYwNjkzOGRiYmYzMyZ6b25lSWQ9Mjg0NzMmZXhlY3V0aW9uPSZkdXJhdGlvbj0mcmVxdWVzdFN0YXR1cz0mcmVxdWVzdFNpemU9JmNTdHJpbmdTdGF0dXM9bm90LWZvdW5kJnZpZXdhYmlsaXR5TWV0aG9kPUlOVEVSU0VDVElPTk9CU0VSVkVSJnI9Jmxvb3A9MCZwdmVyc2lvbj0zLjE2LjEyJmRhdGFTb3VyY2U9YWRnZXQmdHM9MTcyMTcyNzc5ODcwNSZjb3VudHJ5PURFJnNkaz0mY2l0eT0wJnJlZ2lvbj0wJnRpbWVFbGFwc2VkPSZ0aW1lc0NhbGxlZD0mcGFnZVVybD1odHRwcyUzQSUyRiUyRnd3dy5oZXJhbGRsaXZlLmNvLnphJTJGd2Vla2VuZC1wb3N0JTJGeW91ci13ZWVrZW5kJTJG
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash: 30760ba5ec1169343ff3a2a1433973ab93870e317dc6535ec867f82a76abe42d

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
Content-Transfer-Encoding: base64
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Jul 2024 09:43:24 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Content-Transfer-Encoding: base64
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 28

OPTIONS
H/1.1 200
OK e
ad.vidoomy.com/api/adserver/tracking/ Frame 0
0 283ms
76ms Preflight 212.36.83.216
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidoomy.com/api/adserver/tracking/e?data=ZXZlbnQ9QWRUYWdSZXF1ZXN0JmZvcm1hdD0xJmlkPSZkb21haW49aGVyYWxkbGl2ZS5jby56YSZ1PWYwODQ0MTlkLTAzZjktNDg0My04ZGM4LWYwNjkzOGRiYmYzMyZ6b25lSWQ9Mjg0NzMmZXhlY3V0aW9uPSZkdXJhdGlvbj0mcmVxdWVzdFN0YXR1cz0mcmVxdWVzdFNpemU9JmNTdHJpbmdTdGF0dXM9bm90LWZvdW5kJnZpZXdhYmlsaXR5TWV0aG9kPUlOVEVSU0VDVElPTk9CU0VSVkVSJnI9Jmxvb3A9MCZwdmVyc2lvbj0zLjE2LjEyJmRhdGFTb3VyY2U9YWRnZXQmdHM9MTcyMTcyNzc5ODcwNSZjb3VudHJ5PURFJnNkaz0mY2l0eT0wJnJlZ2lvbj0wJnRpbWVFbGFwc2VkPSZ0aW1lc0NhbGxlZD0mcGFnZVVybD1odHRwcyUzQSUyRiUyRnd3dy5oZXJhbGRsaXZlLmNvLnphJTJGd2Vla2VuZC1wb3N0JTJGeW91ci13ZWVrZW5kJTJG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.216 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: w4.vdmy.dtic.es
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-transfer-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldlive.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-transfer-encoding,content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Connection: keep-alive
Content-Length: 0
Date: Tue, 23 Jul 2024 09:43:24 GMT
Server: nginx

GET combine-13.php
ad.vic-m.co/adserver/delivery/ 0
0

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 279ms
119ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:25 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 120ms
120ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:25 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 131ms
106ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=441634&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:25 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
370 B 153ms
131ms XHR
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=441634&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:25 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 204
No Content rtb
a.vidoomy.com/api/rtbserver/ 0
370 B 111ms
110ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash

Request headers

Referer: https://www.heraldlive.co.za/weekend-post/your-weekend/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 23 Jul 2024 09:43:25 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldlive.co.za
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET rtb
a.vidoomy.com/api/rtbserver/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vid-io-sin.springserve.com
URL: https://vid-io-sin.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=js_opportunity&time_on_page=29&num_bq_pt=1&num_dt_pt=2&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&a_cc=s.715072&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6862371

Domain: vid-io-sin.springserve.com
URL: https://vid-io-sin.springserve.com/vd/i?suuid=ed6baf05&ps_id=715072&event=js_demand_opportunity&a_cc=s.715072-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1721727803863&_dsp_bf_cur=UNKNOWN&ip=82.199.130.40&_disyn=1&ssid=91984f51-e84c-4ac6-804d-81a41ae64196.1721727799391&uuid=ed6baf05-3090-494a-845f-3a4b8e4f44f5&url=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&did=53fe0ae7-1ef4-8c7a-7048-496e5acf1e90&_rcc=bs.223293_vp.220993&d=heraldlive.co.za&w=400&h=225&cc=DE&dtnum=1&ss_region=dub&d_m=www.heraldlive.co.za&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2537619

Domain: ad.vic-m.co
URL: https://ad.vic-m.co/adserver/delivery/combine-13.php?type=javascript&files=vicinity.js,spcjs.php&zoneIds=2462&r=18753355798517557&adItem=banner_1&zone_id=2462&width=320&height=120&loctype=geoip&vicinity_id=67cbad15-2f3b-4943-bad4-562dd1258ad0&acceptedLocReq=0&l=&version=13&url=https://www.heraldlive.co.za/weekend-post/your-weekend/&wbdb=

Domain: a.vidoomy.com
URL: https://a.vidoomy.com/api/rtbserver/rtb?id=983742&w=400&h=225&skip=1&req_type=1&ip=82.199.130.40&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&l=en-GB&dt=2&c=DE&pid=63457&sid=28473&sname=heraldlive.co.za_28473&d=heraldlive.co.za&sp=https%3A%2F%2Fwww.heraldlive.co.za%2Fweekend-post%2Fyour-weekend%2F&coppa=&gdpr=0&gdprcs=&vpaid=1

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heraldlive.co.za/weekend-post/your-weekend	1970-01-21 07:51:27	Name: vicinity_id Value: 67cbad15-2f3b-4943-bad4-562dd1258ad0__1781727737349
www.heraldlive.co.za/	1969-12-31 23:59:59	Name: session Value: eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkbGl2ZS5jby56YS93ZWVrZW5kLXBvc3QveW91ci13ZWVrZW5kLyJ9\|1721727792\|2a5d9345a230368ea8e117db95f6cb6e6ea480ee
.heraldlive.co.za/	1970-01-20 22:16:54	Name: _gid Value: GA1.3.849401307.1721727795
.heraldlive.co.za/	1970-01-20 22:15:27	Name: _gat_UA-2619645-1 Value: 1
.heraldlive.co.za/	1970-01-21 00:25:03	Name: _fbp Value: fb.2.1721727795455.31729511940734607
.bidswitch.net/	1970-01-21 07:01:03	Name: tuuid Value: 7015c456-b5ed-4c76-a897-c3c98a40d6f5
.bidswitch.net/	1970-01-21 07:01:03	Name: c Value: 1721727795
.bidswitch.net/	1970-01-21 07:01:03	Name: tuuid_lu Value: 1721727795
.sitescout.com/	1970-01-21 07:01:03	Name: ssi Value: 0da8d2e1-6e6d-4521-8874-40849641f1ee#1721727795615
.ads.stickyadstv.com/	1970-01-20 22:58:39	Name: UID Value: 907d13bf63a24fcddc99924af7474e1
.sitescout.com/	1970-01-20 22:58:39	Name: _ssuma Value: eyIzOSI6MTcyMTcyNzc5NTgwNywiNyI6MTcyMTcyNzc5NTgwN30
.heraldlive.co.za/	1970-01-21 07:51:27	Name: _ga Value: GA1.1.680511952.1721727795
.heraldlive.co.za/	1970-01-21 07:51:27	Name: _ga_BWERR8GS85 Value: GS1.1.1721727796.1.0.1721727796.0.0.0
.taptapnetworks.com/	1970-01-21 07:01:03	Name: SONATA_ID Value: csonata_05146a5e-7985-43c6-8da5-e8bd6681a41d
.crwdcntrl.net/	1970-01-21 04:44:13	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-21 04:44:13	Name: _cc_id Value: 33ddf423c39fa063f1da52b6990b00f5
.crwdcntrl.net/	1970-01-21 04:44:15	Name: _cc_cc Value: "ACZ4nGNQMDZOSUkzMTJONrZMSzQwM04zTEk0NUoys7Q0SDIwSDNlAIK0%2BdUmDAgAAFYTCos%3D"
.crwdcntrl.net/	1970-01-21 04:44:15	Name: _cc_aud Value: "ABR4nGNgYGBIm19twgAHABW5AbU%3D"
.heraldlive.co.za/	1970-01-21 07:51:27	Name: _ga_JNNJWFKJ2E Value: GS1.1.1721727795.1.0.1721727795.60.0.0
.tapad.com/	1970-01-20 23:41:51	Name: TapAd_TS Value: 1721727797383
.tapad.com/	1970-01-20 23:41:51	Name: TapAd_DID Value: 4fc66b59-ff31-4ca6-9673-50a2156dc869
.tapad.com/	1970-01-20 23:41:51	Name: TapAd_3WAY_SYNCS Value:
.vidoomy.com/	1970-01-21 07:01:03	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjcwMTVjNDU2LWI1ZWQtNGM3Ni1hODk3LWMzYzk4YTQwZDZmNSIsImV4cGlyZXMiOjE3MjQzMTk3OTd9fX0=
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=umzj8potbg4y&acs_rt=58ebfd2c14aa4369ad5b4b5c3dac870e
.aliexpress.com/	1970-01-21 07:51:27	Name: aeu_cid Value: 73b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV
.aliexpress.com/	1970-01-21 00:25:03	Name: xman_t Value: krLodd+fsJyJHYNU8iT7Dlt9A6eM2NBdD/sDezWfp1Pzi92rBJU016DDCGxzdk20
.aliexpress.com/	1970-01-21 07:51:27	Name: xman_f Value: RAhJoPoEVsiYUtLflEJyREsQQc0gnid0VdKB3kiMPvhQC0pPkrJ3nRy3WlVaiUmeswhPhONoqY5ZDSbVtbXzkgH7P3Jg3PtNeGUVt039Z99m88on0OL6pw==
.aliexpress.com/	1970-01-21 07:51:27	Name: aep_usuc_f Value: site=glo&c_tp=GBP&region=UK&b_locale=en_US
.springserve.com/	1970-01-20 22:55:46	Name: ssid Value: 91984f51-e84c-4ac6-804d-81a41ae64196
.springserve.com/	1970-01-20 22:55:46	Name: sst Value: 1721727799391
.rubiconproject.com/	1970-01-21 07:01:03	Name: khaos Value: LYY8A0ES-A-GXD2
.rubiconproject.com/	1970-01-21 07:01:03	Name: audit Value: 1\|naVuGyos1qqcx4G6iSuaDN0K09KxATlnbGN24MnCN2Z1PRLZobAYa9RP5MCfifMcjZQSaZgKtGyGyJVIWEYd8IYNNd7gc07RRw6xunrQy4Eijy0RC4Zd8dAPlTu0R9RN
.aliexpress.us/	1970-01-21 07:51:27	Name: xman_us_f Value: x_l=0&x_locale=en_US&x_c_chg=1&x_c_synced=1
.aliexpress.us/	1970-01-21 07:51:27	Name: aep_usuc_f Value: region=UK&site=glo&b_locale=en_US&c_tp=GBP
.aliexpress.us/	1969-12-31 23:59:59	Name: acs_usuc_t Value: acs_rt=6b73923c90a7490dab22430eb8764300&x_csrf=1b5ztle9u352x
.aliexpress.us/	1970-01-21 00:25:03	Name: xman_t Value: JVzfNub3KaZ4njoGL8g/NKYf9EMLSaBdAWguLGpLK/zAfgxW4w9IKLHXlwIo2QhD
.aliexpress.us/	1970-01-21 07:51:27	Name: xman_f Value: KwA8G41V4HPcq1zeQlCef2fuG0qADdU1MG4kShNq2XvBuTh+xegxBCkSfjE4EUGu
.aliexpress.ru/	1970-01-21 07:51:27	Name: xman_us_f Value: x_l=0&x_locale=en_US&x_c_chg=1&x_c_synced=1
.aliexpress.ru/	1970-01-21 07:51:27	Name: aep_usuc_f Value: region=UK&site=glo&b_locale=en_US&c_tp=GBP
.aliexpress.ru/	1969-12-31 23:59:59	Name: acs_usuc_t Value: acs_rt=dede9abe5150416f9d710d7106f6fb8e&x_csrf=5o4gy52em1_v
.aliexpress.ru/	1970-01-21 00:25:03	Name: xman_t Value: yp+nCSqHSmic+KKgTGEEsfiaZSwJopTGkJT5Kiodd7TnC3MRgcMiEsuW0rmJL9su
.aliexpress.ru/	1970-01-21 07:51:27	Name: xman_f Value: XO1pLWbPGXm45TNITXy3JHXd/a0aei1Z+lolrVKCOZ8D4iej5vQQIkMN9QY5kDS0
.aliexpress.com/	1970-01-20 22:25:32	Name: _m_h5_tk Value: 17477b6a27a5ec025ad959f284fb0724_1721729782482
.aliexpress.com/	1970-01-20 22:25:32	Name: _m_h5_tk_enc Value: 6a7007ee9d048ad1895713e5cd98f2ed
.aliexpress.com/	1970-01-20 22:19:47	Name: xlly_s Value: 1
.aliexpress.com/	1970-01-21 07:51:27	Name: xman_us_f Value: x_l=0&x_locale=en_US&x_c_chg=1&acs_rt=58ebfd2c14aa4369ad5b4b5c3dac870e&x_as_i=%7B%22aeuCID%22%3A%2273b0a59254844f3d90693630a41c2592-1721727798001-07713-_ePNSNV%22%2C%22af%22%3A%22656490%22%2C%22affiliateKey%22%3A%22_ePNSNV%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22177275576%22%2C%22tagtime%22%3A1721727798001%7D
.de-wum.aliexpress.com/	1970-01-21 07:01:03	Name: cbc Value: T2gAjcY-LCCTLBkEkWIJif9PuIBOnyV1x75jLonepA9C68TCTKLb8ZfvtOw3nxMx5U4=
.aliexpress.com/	1970-01-21 02:34:39	Name: isg Value: BHNzLWNsEYXKUN3RbnpfByJMAn6dqAdqujX70yUQzxLJJJPGrXiXutG23kzKhF9i
.de-wum.aliexpress.com/	1970-01-21 07:01:03	Name: umdata_ Value: T2gAPnftDkrwvCUeiV3gDlR4B5nPs5FPriPDeEMBCRcC93lzf5jOHAV-bpNcKyJppWw=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
a11ybar.com
ad.vic-m.co
ad.vidoomy.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
applets.ebxcdn.com
banner.vic-m.co
best.aliexpress.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
korfo.org
leo.vic-m.co
lh3.googleusercontent.com
nethcdn.com
optimized-by.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
powered-by-revidy.com
region1.analytics.google.com
region1.google-analytics.com
s.click.aliexpress.com
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
st.pubmatic.com
static.vic-m.co
stats.g.doubleclick.net
sync.crwdcntrl.net
t.effectivemeasure.net
trackerapi.ebxcdn.com
vid-io-cle.springserve.com
vid-io-dub.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
vid.pubmatic.com
vid.springserve.com
vpaid.pubmatic.com
vpaid.springserve.com
vpaid.vidoomy.com
weatherwidget.io
weekendpost.co.za
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.heraldlive.co.za
x.bidswitch.net
a.vidoomy.com
ad.vic-m.co
vid-io-sin.springserve.com
104.17.24.14
13.58.45.4
142.132.202.70
142.250.185.194
142.250.186.131
142.250.186.174
157.240.253.1
172.67.136.238
172.67.181.105
172.67.212.172
18.203.16.123
184.30.210.6
185.64.189.221
188.114.97.3
198.47.127.206
2001:4860:4802:34::36
212.36.83.216
212.36.83.245
23.35.236.201
2600:9000:2057:ea00:17:2922:12c0:93a1
2600:9000:206f:3600:15:6f6c:b180:93a1
2607:ae80:192:1::176
2a00:1450:4001:800::200e
2a00:1450:4001:800::2013
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
2a01:7e00:e000:3f7::
2a02:6ea0:c700::17
2a02:6ea0:d513::4
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.73.24.37
34.111.113.62
34.36.216.150
35.171.96.17
35.214.149.91
35.81.64.53
41.76.214.250
52.212.85.244
52.58.190.236
54.217.140.248
69.173.144.165
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02468826512005bea8059b5d2fe96e65a9bf1d716b61a5a082477034cd48da48
0251ce74695f112a9d5492b1d3516cfdcb7f6b1ebbef6f464abd461a5c56bebf
062ded33f73d4ac3f83ba5cb3b340e75a7e69f029bb32eaa47ec97a584fa0897
06b3b1cf2707a488df2615229eaa8492aea59d069a5f59efdc4a5466951f872b
079bb72baefbfce950b8bced236725fba7e39336f318bc1700744b2f648c0b7b
09c1718f98f43e0d4991844650eefac1459a39b3817fa8e09960425e0e3055ae
0ac0a59e92b15d8f33f485724aa0d32d27fc2ea606cf222639cbfb4209400c04
0affb790b92cd4a6688c8f5e9c09778c2ebb6cc9fc75f375d32655cd57e3ea92
0b49785e62282d78098e59a809f82fac5399ca5061a253a71c24ef637f02bea2
0c5660cab0afda99715dfa914c8156056d8babc184c31db4f07759db0a539aeb
0dcab0765de8b009361f988cd6784591a5e2c4b4445db4403d30596f3f6e632c
109736135dc84f02f379825bd2b48998e17068eaf1f085df5f52e80537a4257d
1346c1a64bda95f1bbe57121280cfb71310f2ff6771cb70811b3261b7aad3cb3
1574dcdf79afca1f83491527c5d1364fb9c1bf7ab96062f416225a0772295d82
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28f84a5da577a1727b91c00ad1e8b55edd66a2fc114badc00ee8bc6c6d64b213
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0d4466278c336e1945bf447dfc4c72b02b667ac32ba9226a00976542b92184
2c516f64fea4cde2ccc60f3196b6d883b732a6d170871079bd59107f33e66504
2e9a2bb26cbf4200bcd846fa8ff112684db3b41e6be8c7b044d86ebebe8f98aa
2f710e11a1aaa018339300dda3b3c8242d750378ca39a1e19df6148d3c8f328e
3010192f9bb5fe1da34421599bf624e8c31dbb089efbf02f30e65aa445f920d5
30760ba5ec1169343ff3a2a1433973ab93870e317dc6535ec867f82a76abe42d
351e903753c5f1256e3afdd5b3d66a1091e65507f1ee879737c81bdb4f2d2b9e
357f9c35026eb85f7633500dc256a1355d0fb3c8b5ee21aa73232babf3d2b8d6
3aa72da4fe5441833ebe1811d16086b8414a85c0f0cae2d476cfe56e556fe4c8
3ae0a1326e3444deb5fd47c4bda1570f6ddf0fc93fda4ee951829a2afe5f6fa4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
461c1ba2d999d0f384313628be38a57d7d1b7bc666185288bd7041617cebd002
492ea3e7df7602afbacadd67398f726900029ccec7139033e501f03a13c89927
4d1d8216cfd57c75709ab7f0c3975d9babbc14a64c2c98c4dbe9da6d0612a4d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5153726d016f99993ed46e34ab12e3f48f39cdd2708677092345b925815f772b
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5431547b23171a3b3c52a2174174766613986f509de90ab235c81f808bec92f8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55093063eb4245bee2b66d749388fddea8bfd336b75660785c9d507c9cec0e75
59d1ce7fb23e28c96e340f0e5a3f8db389cf46ad3ab54b4bfcd419d800d7d73a
5b5c6e60a261a3d0238081763b2b4231df7e43eec6c66aaa26c3c60751f317bd
5c167008fdcefbcc45c3ddfbf32e1ed00793ffb7ba092d38197506cf147dd3ac
5c33cd7bde953773f327fe8d5c118cb135a519aee66921ac8777610ac91385be
6929bd28b251e2f2422e60ea53fe985df8c7810a7292d762160f7310966e8e8a
6a0a6797ea34236cfd5bef993fdeeee494cedbd1a4cb42e0e587f8eae0a86ba8
6ae1eb1a0dca091a39fe88f414b82bcf7317c67f3ab9de1439c9727bf97b666a
6b6e5522e848eb470dc2648937f28971b5e29c0e566a7c6535a64573c609573d
6d8ff791b6b75cfd2b051a7d98e747cdbd28219e51b8039042960841755569c3
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
6e1fa095b32380cfc9012d96ac2284c414e1b69800f6449e11bb626955c07e3e
727251dbc6460e0cbb0e5d32df456d55620083dc35d4238e08c3b39c282bec31
75aecc451658f90995fea2265231e24e1a810b0c3fc051b41cfb92f07fe8623f
77eb92fcd855f6f906e743793156766c1c2e34dbe235b256e1a338df2fc20784
7ae601be1f59bcf6451e6e0c3706c56eb25a99d09796e165d63be13d94e2e660
7b4bf3f11858ab9b179c27c5c503f5e9696a155fa8a822aff952ac039f702cf1
7f2d6d418976835f180256b4d0a745cf9ae4b116ce1d841f3d615f6dcd4db6e5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8513fc21eded455109b9c58534ff0582495a486c74a86d5d6f26ca77c456391a
8a7f8a4f0dc7383c9b74d5700fb0bceff126a0a7bd58316151bb769f746565e0
8b24b4648287741c730d3f509c40424f2ec166d99ba3d58d6cae744700f7120a
8b31f8d1c1d19165c14013ab3136508215508d830de43d2f99787b1450cd1ce5
8b8d5614a35711901db89c7f421d9822b6d9885ee1836fd6ceec2cad3a6af254
9345403cb61c38daf44f314ee25f2f62370b2c360fd7b9b9c5ad24eba2293a19
946c3a0676dc1f21d5888daad96e7dcde07d6ef1805d20f2bd5502b90de7d93f
9e78b3d1174879ec3bc6c7ba1c830a3a5182fd2ecc790f7470ffacdecd3360f6
9ebd4167f95a059d52b0b64b69ec1348baf783010f6523be548121398b4ada21
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fd89cb5114e08bd4b4baa1badd07cc45aab7fc3e085cc174c7632c221a84e2
a4fc478877ae31d55a00ccd0a0aba78740623e34400b5417ef38b5ee2456e439
a5c369577056a2a6af3b0ee3b66d2575a424fbca4bd1ba69ae40c64ab7851fe2
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa851bade9a78d0aaccb7ed160e31dbde4975ee80674783452b90e1661695d08
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ae723359f13e5593e4c492c99a8d4751a3349efc137fb3ea701a991c4867b242
b453b6018cfeddfee67cd3ab2776a134adfd94ac4424daffa84c0c1abf7b5260
b4dd85165b81e84e58b4f4f095b7fabee758184c6837e8a92c1ba96330c9d311
b4fc3fb3beabd2be48b1a33ac4cb87015fe36ab8d98f884260f6c068ba680b0d
b75db09a5d7635817f39f89829190ff05ace3708b08ad1bb03d765caa43c24fe
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb7ab9c6912a5304d5e3eeb671c1c1e858ce78bd7234f94cfd1efd55a28af698
c2691e637c13ff272bf70ccd8c1179a695ee478bf87e7ec2ff5adbdccf263af9
ce776db6760cfd1841280906b65e29af5764c1245be7249e2aed4127ce1906e5
cfe033fc215b52a0b6786b131136351189311622962539948bbff8302da8a21e
d95e1abf1b719ee4878735c90c7be8c23c1d9a7d6b10ccd115eb45aa018861dd
db8dcddcd1a1635f010ad594ed16d58d9c6261e89a2f111295f9a752deed838b
dc52ec218764bf1bc3f435496addfeeb1da1ca7a5044d0c4c7c6c10bfa8b1adc
dd039902ea03a32c485a4ebae41a5a21055224460ef558c2532382959c2afbe2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe4146c226afab7a30c7dfa36827f2572a708f1fc96c8fa9247910c5005088c
e248de9c873d3c3a47b17457426144c61ba2d78f3f37d88614c2d68d6a321cd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
e4f0d6adfac1d5eca4826e695251eb2384f1d465c71cb6c43f130a71c4feffba
e6516ba5da19a47af8adab45ff85937984bdf6d865b4b356deec1da7907ee3a0
e8547fc320165d65ae0dada71ff77ff63b506246a8dd6f0efb2c48499417f946
e99632141913dc53583b474042f988d3e31b2749b1c52b25a950fcb82b22c208
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eab85fe0279f5ef643d3aeffb948e7132440bed2fafdbd5c228477fec1d1c2c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75f6a856a2f070c51d231b6d47a150dfe847c4e96de88b826f83a941e468c1
f04e147fe554c3690764426dc276dcc67d7d1e497bb03c4e6b0b3d4631c8be8a
f3055e41635b42441d8ab1d8ae4d93b8eae5e0e0cfe6b1e1e5b062452e55bbe6
f3b68838d74ce3161b6a55a4156df5928cabf3a66ef877e335004cc88e2e6a90
f4dafdd94f789a13c39c29335b6cee9a513669c60d779ffb1f19c50f4b1b0c3e
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
f9abfd62c47254ab07979102d38d0ed8ca062abee6bffd2ad77a085bc5374431
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

www.heraldlive.co.za Open in urlscan Pro 2a00:1450:4001:800::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

95 %HTTPS

37 %IPv6

32 Domains

52 Subdomains

41 IPs

10 Countries

3310 kBTransfer

8142 kBSize

49 Cookies

17 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldlive.co.za Open in urlscan Pro
2a00:1450:4001:800::2013 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

95 %
HTTPS

37 %
IPv6

32
Domains

52
Subdomains

41
IPs

10
Countries

3310 kB
Transfer

8142 kB
Size

49
Cookies

137 HTTP transactions
21 data transactions